@ludecker/aaac 1.1.4 → 1.1.6

package/src/run-engine/lib.mjs

@@ -123,6 +123,28 @@ export function isEditPhase(phase, enforcement) {
   return enforcement.edit_phases.includes(phase);
 }
 
+/** Test/spec file paths — used for writer vs tester phase scoping. */
+export function isTestPath(filePath) {
+  if (!filePath) return false;
+  const normalized = filePath.replace(/\\/g, "/");
+  return (
+    /\.(test|spec)\.(mjs|cjs|js|ts|tsx)$/.test(normalized) ||
+    /(?:^|\/)__tests__(?:\/|$)/.test(normalized) ||
+    /(?:^|\/)tests\/(?:unit|integration|e2e|fixtures)\//.test(normalized)
+  );
+}
+
+/** Phase-scoped edit rules from enforcement.phase_edit_scopes (v3+). */
+export function isPathAllowedForPhase(filePath, phase, enforcement) {
+  if (!filePath) return true;
+  const scopes = enforcement.phase_edit_scopes?.[phase];
+  if (!scopes) return true;
+  const isTest = isTestPath(filePath);
+  if (scopes.deny_test_paths && isTest) return false;
+  if (scopes.test_paths_only && !isTest) return false;
+  return true;
+}
+
 export function isArtifactPath(filePath, enforcement) {
   const normalized = filePath.replace(/\\/g, "/");
   const prefixes = [
@@ -136,6 +158,34 @@ export function phaseKind(phase, registry) {
   return isGatePhase(phase, registry) ? "gate" : "work";
 }
 
+/** Swarm minimum for completed phase — check verb uses check_swarm on discover. */
+export function resolveSwarmMinimum(completedPhase, manifest, enforcement) {
+  const mutating = enforcement.mutating_verbs ?? ["create", "update", "fix"];
+  const isMutating =
+    mutating.includes(manifest.verb) ||
+    enforcement.fix_commands?.includes(manifest.command);
+
+  if (completedPhase === "verify" && isMutating) {
+    return (
+      enforcement.swarm_min_agents?.verify ??
+      enforcement.swarm_min_agents?.verify_fix
+    );
+  }
+  if (completedPhase === "test_execute" && isMutating) {
+    return enforcement.swarm_min_agents?.test_execute;
+  }
+  if (completedPhase === "review_swarm" && isMutating) {
+    return enforcement.swarm_min_agents?.review_swarm;
+  }
+  if (completedPhase === "discover" && manifest.verb === "check") {
+    return (
+      enforcement.swarm_min_agents?.check_swarm ??
+      enforcement.swarm_min_agents?.discover
+    );
+  }
+  return enforcement.swarm_min_agents?.[completedPhase];
+}
+
 export function promptFromHook(hook) {
   return hook?.prompt ?? hook?.text ?? hook?.content ?? "";
 }
@@ -172,3 +222,118 @@ export function clearActiveRun(conversationId) {
     // already cleared
   }
 }
+
+export function isMutatingVerb(manifest, enforcement) {
+  const mutating = enforcement.mutating_verbs ?? ["create", "update", "fix"];
+  return (
+    mutating.includes(manifest.verb) ||
+    (enforcement.fix_commands ?? []).includes(manifest.command)
+  );
+}
+
+/** List items under a YAML field (lines starting with `-` before next top-level key). */
+export function readYamlListField(content, fieldName) {
+  if (!content) return [];
+  const lines = content.split("\n");
+  const start = lines.findIndex((line) => line.startsWith(`${fieldName}:`));
+  if (start < 0) return [];
+
+  const inline = lines[start].slice(`${fieldName}:`.length).trim();
+  if (inline === "[]") return [];
+  if (inline && !inline.startsWith("-")) return [inline];
+
+  const items = [];
+  for (let i = start + 1; i < lines.length; i += 1) {
+    const line = lines[i];
+    if (/^\S/.test(line) && line.trim()) break;
+    const itemMatch = line.match(/^\s+-\s+(.*)$/);
+    if (itemMatch) items.push(itemMatch[1].trim());
+  }
+  return items;
+}
+
+export function readYamlScalarField(content, fieldName) {
+  if (!content) return null;
+  const match = content.match(new RegExp(`^${fieldName}:\\s*(.+)$`, "m"));
+  if (!match) return null;
+  return match[1].trim().replace(/^["']|["']$/g, "");
+}
+
+export function hasYamlField(content, fieldName) {
+  if (!content) return false;
+  return new RegExp(`^${fieldName}:`, "m").test(content);
+}
+
+export function planRequiresTests(planContent) {
+  if (!planContent) return false;
+  if (hasYamlField(planContent, "tests_to_add")) {
+    return readYamlListField(planContent, "tests_to_add").length > 0;
+  }
+  return /^\s*create:[\s\S]*?^\s+-\s+path:.*\/lib\//m.test(planContent);
+}
+
+export function validatePhaseArtifactContent(runId, completedPhase, manifest, enforcement) {
+  if (!isMutatingVerb(manifest, enforcement)) {
+    return { ok: true };
+  }
+
+  const planPath = path.join(runDir(runId), "artifacts/plan.yaml");
+  const planContent = fs.existsSync(planPath)
+    ? fs.readFileSync(planPath, "utf8")
+    : "";
+
+  if (completedPhase === "plan") {
+    if (!hasYamlField(planContent, "tests_to_add")) {
+      return {
+        ok: false,
+        reason:
+          "plan.yaml must include tests_to_add (behaviors to cover, or tests_to_add: [] when no tests are needed)",
+      };
+    }
+    return { ok: true };
+  }
+
+  if (completedPhase === "test_execute") {
+    const testPlanPath = path.join(runDir(runId), "artifacts/test_plan.yaml");
+    const testPlanContent = fs.existsSync(testPlanPath)
+      ? fs.readFileSync(testPlanPath, "utf8")
+      : "";
+
+    const filesWritten = readYamlListField(testPlanContent, "files_written");
+    const skippedReason = readYamlScalarField(testPlanContent, "skipped_reason");
+    const testsRequired = planRequiresTests(planContent);
+
+    if (/status:\s*deferred/i.test(testPlanContent) && filesWritten.length === 0) {
+      return {
+        ok: false,
+        reason:
+          "test_plan.yaml cannot defer tests — author test files in test_execute (files_written required)",
+      };
+    }
+
+    if (testsRequired && filesWritten.length === 0) {
+      return {
+        ok: false,
+        reason:
+          "plan.yaml tests_to_add requires non-empty test_plan.files_written — launch test-author Task in test_execute",
+      };
+    }
+
+    if (
+      hasYamlField(planContent, "tests_to_add") &&
+      /tests_to_add:\s*\[\]/m.test(planContent) &&
+      filesWritten.length === 0 &&
+      !skippedReason
+    ) {
+      return {
+        ok: false,
+        reason:
+          "tests_to_add is empty — test_plan.yaml must include skipped_reason explaining why no tests were authored",
+      };
+    }
+
+    return { ok: true };
+  }
+
+  return { ok: true };
+}

package/src/run-engine/log.mjs

@@ -334,7 +334,7 @@ export function debugRunSummary(manifest) {
     awaiting_approval: manifest.awaiting_approval,
     completed: manifest.completed ?? [],
     pending: manifest.pending ?? [],
-    swarm: { phase: swarmPhase, task_launches_this_phase: swarmCount },
+    swarm: { phase: swarmPhase, task_launches_this_phase: swarmCount, agents: manifest.swarm?.agents ?? [] },
     edit_allowed: manifest.enforcement?.edit_allowed ?? false,
     last_log_entries: log.slice(-10),
     decisions_count: (manifest.decisions ?? []).length,

package/src/run-engine/record-task.mjs

@@ -44,19 +44,40 @@ process.stdin.on("end", () => {
   if (manifest.conversation_id && manifest.conversation_id !== conversationId) allow();
 
   manifest.swarm = manifest.swarm ?? {};
-  manifest.swarm.task_launches_this_phase = (manifest.swarm.task_launches_this_phase ?? 0) + 1;
+  const launchIndex = (manifest.swarm.task_launches_this_phase ?? 0) + 1;
+  manifest.swarm.task_launches_this_phase = launchIndex;
   manifest.swarm.phase = manifest.phase;
-  manifest.updated_at = isoNow();
+
+  const agentEntry = {
+    at: isoNow(),
+    index: launchIndex,
+    phase: manifest.phase,
+    subagent_type: hook.subagent_type ?? hook.subagentType ?? null,
+    description: hook.description ?? hook.subagent_description ?? null,
+    model: hook.model ?? null,
+    readonly: hook.readonly ?? null,
+  };
+  manifest.swarm.agents = manifest.swarm.agents ?? [];
+  manifest.swarm.agents.push(agentEntry);
+
+  const telemetryDetail = JSON.stringify({
+    count: launchIndex,
+    subagent_type: agentEntry.subagent_type,
+    index: launchIndex,
+  });
 
   recordLog(manifest, {
     event: "agent_spawned",
     phase: manifest.phase,
     phase_kind: manifest.phase_kind,
-    detail: `count=${manifest.swarm.task_launches_this_phase}`,
+    detail: telemetryDetail,
     level: "debug",
   });
 
   writeJson(path.join(runDir(active.run_id), "run.json"), manifest);
-  saveActiveRun(conversationId, { ...active, task_launches_this_phase: manifest.swarm.task_launches_this_phase });
+  saveActiveRun(conversationId, {
+    ...active,
+    task_launches_this_phase: manifest.swarm.task_launches_this_phase,
+  });
   allow();
 });

package/templates/cursor/aaac/enforcement.json

@@ -1,20 +1,36 @@
 {
-  "version": 2,
+  "version": 3,
   "description": "AAAC runtime enforcement — SSOT for hooks and run engine",
-  "edit_phases": ["execute", "sync_inventory", "persist", "write"],
-  "artifact_write_phases": ["plan", "report", "verify"],
+  "edit_phases": ["execute", "test_execute", "sync_inventory", "persist", "write"],
+  "artifact_write_phases": ["plan", "report"],
+  "mutating_verbs": ["create", "update", "fix"],
+  "phase_edit_scopes": {
+    "execute": { "deny_test_paths": true },
+    "test_execute": { "test_paths_only": true }
+  },
   "verify_verbs": ["create", "update", "fix"],
   "swarm_min_agents": {
     "discover": 4,
+    "check_swarm": 3,
     "investigate_swarm": 7,
     "research_swarm": 6,
-    "verify_fix": 3
+    "test_execute": 1,
+    "verify": 3,
+    "verify_fix": 3,
+    "review_swarm": 3
   },
   "phase_artifacts": {
     "investigate_swarm": ["artifacts/investigation.md"],
     "root_cause": ["artifacts/root_cause.yaml"],
     "plan": ["artifacts/plan.yaml"],
+    "validate": ["artifacts/validate.yaml"],
+    "impact_analysis": ["artifacts/impact.yaml"],
+    "dependency_graph": ["artifacts/dependency_graph.yaml"],
+    "fitness_functions": ["artifacts/fitness.yaml"],
+    "rollback": ["artifacts/rollback.yaml"],
+    "test_execute": ["artifacts/test_plan.yaml"],
     "verify": ["artifacts/verify.yaml"],
+    "review_swarm": ["artifacts/review.yaml"],
     "report": ["artifacts/report.md"]
   },
   "allowed_path_prefixes": {

package/templates/cursor/aaac/graph.project.yaml

@@ -1,5 +1,6 @@
-# Generic AAAC project overlay — verb orchestrators + exception commands only.
-# Add domain resolvers, orchestrators, and project skills in your repo after init.
+# Generic AAAC project overlay — copied into consumer repos by `aaac init`.
+# Add `resolvers:` and domain orchestrators when you create `.cursor/domains/<slug>/`.
+# Reference implementation (Lüdecker cms/ui/database): ludecker repo `.cursor/aaac/graph.project.yaml`
 
 orchestrators:
   update-doc:
@@ -41,7 +42,7 @@ orchestrators:
   verb-fix:
     path: skills/shared/verbs/fix/orchestrator
     requires: [discovery, investigation, root-cause, planning, validation, impact-analysis, dependency-graph, fitness-functions, rollback, execution, testing, verification, reporting]
-    phases: [load_inventory, discover, investigate_swarm, root_cause, plan, validate, impact_analysis, dependency_graph, fitness_functions, rollback, execute, verify, sync_inventory, report]
+    phases: [load_inventory, discover, investigate_swarm, root_cause, plan, validate, impact_analysis, dependency_graph, fitness_functions, rollback, execute, test_execute, verify, review_swarm, sync_inventory, report]
 
   verb-review:
     path: skills/shared/verbs/review/orchestrator
@@ -72,11 +73,17 @@ skills:
   execution:
     path: skills/shared/execution
     depends: [governance/implementation]
+  test-authoring:
+    path: skills/shared/test-authoring
+    agents: [test-author]
   testing:
     path: skills/shared/testing
     agents: [unit-test-run, fallow-check-changed, fix-repro-verify]
   verification:
     path: skills/shared/verification
+  implementation-review:
+    path: skills/shared/implementation-review
+    agents: [boundary-review, doc-conformance, implementation-review]
   reporting:
     path: skills/shared/reporting
   architecture:
@@ -182,6 +189,12 @@ agents:
     path: agents/fix-repro-verify.md
   fix-hypothesis-validate:
     path: agents/fix-hypothesis-validate.md
+  test-author:
+    path: agents/test-author.md
+  doc-conformance:
+    path: agents/doc-conformance.md
+  implementation-review:
+    path: agents/implementation-review.md
   release-git:
     path: agents/release-git.md
     wave: 1
@@ -189,7 +202,5 @@ agents:
 
 policies:
   - policies/master-rules.md
-  - policies/project-context.md
-  - policies/ui-design.md
   - policies/implementation.md
   - policies/mcp-and-deploy.md

package/templates/cursor/aaac/lifecycle/lifecycle.json

@@ -8,7 +8,9 @@
         "investigate_lite",
         "plan",
         "execute",
+        "test_execute",
         "verify",
+        "review_swarm",
         "report"
       ],
       "gate_stack": "pre_execute"
@@ -19,7 +21,9 @@
         "investigate_lite",
         "plan",
         "execute",
+        "test_execute",
         "verify",
+        "review_swarm",
         "report"
       ],
       "gate_stack": "pre_execute"
@@ -31,7 +35,9 @@
         "root_cause",
         "plan",
         "execute",
+        "test_execute",
         "verify",
+        "review_swarm",
         "report"
       ],
       "gate_stack": "pre_execute"
@@ -58,7 +64,9 @@
         "investigate_lite",
         "plan",
         "execute",
+        "test_execute",
         "verify",
+        "review_swarm",
         "report"
       ],
       "gate_stack": "pre_execute"
@@ -96,7 +104,9 @@
         "root_cause",
         "plan",
         "execute",
+        "test_execute",
         "verify",
+        "review_swarm",
         "report"
       ],
       "gate_stack": "pre_execute"
@@ -109,7 +119,9 @@
         "root_cause",
         "plan",
         "execute",
+        "test_execute",
         "verify",
+        "review_swarm",
         "report"
       ],
       "gate_stack": "pre_execute"

package/templates/cursor/aaac/lifecycle/phases.json

@@ -14,7 +14,9 @@
     "fitness_functions": { "skill": "fitness-functions", "gate": true },
     "rollback": { "skill": "rollback", "gate": true },
     "execute": { "skill": "execution" },
+    "test_execute": { "skill": "test-authoring" },
     "verify": { "skills": ["testing", "verification"] },
+    "review_swarm": { "skill": "implementation-review", "readonly": true },
     "report": { "skill": "reporting" }
   }
 }

package/templates/cursor/aaac/run/schema.json

@@ -35,6 +35,11 @@
       "stack": "string | null",
       "results": {}
     },
+    "swarm": {
+      "task_launches_this_phase": 0,
+      "phase": "string | null",
+      "agents": []
+    },
     "created_at": "iso8601",
     "updated_at": "iso8601"
   },

package/templates/cursor/aaac/scripts/run-engine/advance-phase.mjs

@@ -16,6 +16,8 @@ import {
   phaseKind,
   isEditPhase,
   isGatePhase,
+  resolveSwarmMinimum,
+  validatePhaseArtifactContent,
   writeJson,
   saveActiveRun,
 } from "./lib.mjs";
@@ -55,11 +57,7 @@ if (manifest.phase !== completedPhase) {
   process.exit(1);
 }
 
-const minAgents =
-  completedPhase === "verify" &&
-  (enforcement.fix_commands?.includes(manifest.command) || manifest.verb === "fix")
-    ? enforcement.swarm_min_agents?.verify_fix
-    : enforcement.swarm_min_agents?.[completedPhase];
+const minAgents = resolveSwarmMinimum(completedPhase, manifest, enforcement);
 const launches = manifest.swarm?.task_launches_this_phase ?? 0;
 if (minAgents && launches < minAgents && !force) {
   recordLog(manifest, {
@@ -135,6 +133,28 @@ for (const rel of requiredArtifacts) {
   }
 }
 
+if (!force) {
+  const contentGate = validatePhaseArtifactContent(
+    runId,
+    completedPhase,
+    manifest,
+    enforcement,
+  );
+  if (!contentGate.ok) {
+    recordLog(manifest, {
+      event: "gate_fail",
+      phase: completedPhase,
+      phase_kind: manifest.phase_kind,
+      detail: contentGate.reason,
+      level: "warn",
+    });
+    manifest.updated_at = isoNow();
+    writeJson(manifestPath, manifest);
+    console.error(contentGate.reason);
+    process.exit(2);
+  }
+}
+
 const now = isoNow();
 const completedIsGate = isGatePhase(completedPhase, registry);
 

package/templates/cursor/aaac/scripts/run-engine/debug-run.mjs

@@ -31,6 +31,12 @@ if (summary.blocked_reason) console.log(`Blocked: ${summary.blocked_reason}`);
 console.log(`Completed: ${summary.completed.join(" → ") || "(none)"}`);
 console.log(`Pending: ${summary.pending.join(" → ") || "(none)"}`);
 console.log(`Swarm: phase=${summary.swarm.phase} count=${summary.swarm.task_launches_this_phase}`);
+if (summary.swarm.agents?.length) {
+  console.log(`Agents: ${summary.swarm.agents.length} recorded this phase`);
+  for (const a of summary.swarm.agents.slice(-5)) {
+    console.log(`  #${a.index} ${a.subagent_type ?? "?"} ${a.description ?? ""} @ ${a.at}`);
+  }
+}
 console.log(`Log: ${summary.log_count} entries  Decisions: ${summary.decisions_count}`);
 console.log("--- last 10 log entries ---");
 for (const e of summary.last_log_entries) {

package/templates/cursor/aaac/scripts/run-engine/gate-write.mjs

@@ -7,6 +7,7 @@ import {
   loadEnforcement,
   isEditPhase,
   isArtifactPath,
+  isPathAllowedForPhase,
   conversationIdFromHook,
   runDir,
   writeJson,
@@ -86,6 +87,18 @@ process.stdin.on("end", () => {
   }
 
   if (isEditPhase(manifest.phase, enforcement)) {
+    if (filePath && !isPathAllowedForPhase(filePath, manifest.phase, enforcement)) {
+      persistEditEvent(
+        manifest,
+        active.run_id,
+        "edit_denied",
+        `${toolName} path not allowed in phase ${manifest.phase}: ${filePath}`,
+      );
+      deny(
+        `AAAC: ${manifest.phase} phase cannot edit this path. Run: ${active.run_id}`,
+        `Phase "${manifest.phase}" scope violation${filePath ? `: ${filePath}` : ""}. Use test_execute for tests; execute for prod code only.`,
+      );
+    }
     persistEditEvent(manifest, active.run_id, "edit_allowed", `${toolName} in phase ${manifest.phase}`);
     allow();
   }