@mediadatafusion/pi-workflow-suite 0.0.10 → 0.0.13

package/CHANGELOG.md

@@ -2,6 +2,79 @@
 
 All notable public releases will be documented in this file.
 
+## [0.0.13] - 2026-06-08
+
+### Changed
+
+- Prepared the small runtime package to use the refreshed `0.0.12` npm-hosted package media while keeping promotional media assets out of the install payload.
+
+## [0.0.12] - 2026-06-07
+
+### Added
+
+- Added `workflow_stop_server` for platform-aware cleanup of temporary dev and static servers after validation checks.
+- Added independent text-style controls for workflow widgets and startup visuals.
+- Added Mission saved-history retention with a dedicated Mission History settings surface.
+- Added clearer sub-agent worker policy controls for Standard, Plan, and Mission workflow phases.
+
+### Changed
+
+- Refined Standard, Plan, and Mission widgets with clearer top/bottom status, progress, model route, runtime, repair, and validation context.
+- Improved Standard Mode To Do, clarification, and status behavior for direct active work.
+- Improved sub-agent orchestration language and behavior around planning, execution preparation, review, validation, and repair support.
+- Clarified token and runtime tradeoffs for worker-backed workflows and deeper sub-agent policies.
+- Clarified presets as workflow behavior profiles that do not change model, provider, auth, session, or shared compaction settings.
+- Rebalanced Plan and Mission reviewer routing so safe, executable work preserves reviewer findings as notes unless a true blocker requires repair.
+
+### Hardened
+
+- Hardened Plan handoffs across reviewer, executor, validator, repair, and re-review phases.
+- Hardened Mission recovery so provider, API, rate-limit, or no-output interruptions preserve repair evidence, validation reports, retry counts, and next actions.
+- Hardened forced sub-agent policies and worker lifecycle cleanup.
+- Hardened parent-owned workflow boundaries so background worker evidence supports the active phase without replacing the main workflow controller.
+- Hardened Repo Lock and tool guards around protected files, temporary evidence, skill reads, screenshot paths, and destructive commands.
+- Hardened validation evidence classification for browser, runtime, endpoint, and localStorage evidence gaps.
+
+### Fixed
+
+- Fixed Standard clarification answer routing and menu handoffs.
+- Fixed Standard status display so user-facing states are shown instead of internal phase labels.
+- Fixed Plan reviewer PASS/NOTES handoff recovery and progress widget drift.
+- Fixed Mission validation interruptions that could obscure completed repair or PASS evidence.
+- Fixed preset operations that could affect user-owned model/provider or compaction state.
+- Fixed reviewer repair recovery paths so reviewer blockers are not confused with validation repair.
+
+## [0.0.11] - 2026-05-30
+
+### Added
+
+- `workflow_browser_check` tool — headless browser verification for validator mode with interactive actions (click, type, read, reload, screenshot, evaluate). Uses Puppeteer from the Pi runtime so validators can verify web app behavior regardless of the target project's dependencies.
+- Token budget controls (`maxTokens`, `maxRuntimeHours`) for Plan, Mission, and Standard modes.
+- Structured validation boolean fields (`concreteRepairableIssue`, `manualVerificationRequired`, `evidenceGap`) on workflow and mission state for infallible classification.
+- `/plan complete` command for explicit Plan Mode completion.
+- Mission reviewer and workflow reviewer prompt templates.
+
+### Hardened
+
+- **Validation pipeline**: PARTIAL PASS with no concrete code defects now completes the workflow. Classifier reordered so concrete fixes route to repair over evidence gaps. Expanded automatable-evidence-gap detection. Mission validation manual-only outcomes advance milestones; final-validation manual-only outcomes complete the mission.
+- **Reviewer and repair**: Mission reviewer auto-repair uses centralized default-enabled configuration matching Plan Mode. Built-in mission defaults aligned (reviewer auto-repair enabled, retry mode `safe_only`, max retries 2). Consistent retry gating across both modes.
+- **Tool guard and Repo Lock**: Safe-command recognition expanded across package managers and ecosystems (pnpm, yarn, bun, npx serve, python3, curl localhost, ps, pgrep, sleep). Shell preamble handling (`stripSafePreamble`) for `set -e` and `export` patterns. `/tmp/` and `/dev/` paths exempted from Repo Lock blocking. Reduced false-positive destructive-command blocks.
+- **Prompts and agents**: Unified inline-diagram guidance across all prompts, agents, and skills. Web app verification procedures with structured evidence output requirements in validator prompts. Sub-agent write-ownership clarified in mission run prompt. Agent Mermaid guidance updated for raw blocks since sub-agents lack `workflow_diagram`.
+- **Runtime accounting**: Wall-clock age uses terminal timestamp when workflow is stopped. Active-runtime tracking preserved for workflows that began before the current session.
+- **Plan Mode progress tracking**: Plan execution step progress now reliably tracks across all steps. The `workflow_progress` tool is guaranteed on the agent's active tool surface every turn. The progress guard enforces step activation before file writes while allowing sub-agents to run freely for research and preparation. Multi-step prompt guidance with inline step status display keeps the agent aligned with the approved plan from first step through final validation.
+
+### Fixed
+
+- Plan execution sub-agents no longer deadlock against the step progress guard when forced sub-agent policies are active.
+- Plan Mode step progress widget consistently updates across multi-step execution instead of staying stuck on step 1.
+
+### Updated
+
+- Validators can write temporary evidence-gathering scripts (was read-only).
+- Mission `maxRuntimeHours` default 8→13.
+- All 4 built-in presets updated with `planShowProgressBar`.
+- Internal architecture documentation expanded with model routing, settings merge chain, and preset bundle architecture.
+
 ## [0.0.10] - 2026-05-25
 
 ### Changed

package/README.md

@@ -1,10 +1,10 @@
 # Pi Workflow Suite
 
-![Pi Workflow Suite — structured workflow orchestration for Pi](https://cdn.jsdelivr.net/npm/@mediadatafusion/pi-workflow-suite@0.0.6/docs/assets/pi-workflow-suite-header.png)
+![Pi Workflow Suite — structured workflow orchestration for Pi](https://cdn.jsdelivr.net/npm/@mediadatafusion/pi-workflow-suite@0.0.12/docs/assets/pi-workflow-suite-header.png)
 
-[![Install](https://cdn.jsdelivr.net/npm/@mediadatafusion/pi-workflow-suite@0.0.6/docs/assets/readme-link-install.svg)](#installation) [![Quick Start](https://cdn.jsdelivr.net/npm/@mediadatafusion/pi-workflow-suite@0.0.6/docs/assets/readme-link-quick-start.svg)](#quick-start) [![Commands](https://cdn.jsdelivr.net/npm/@mediadatafusion/pi-workflow-suite@0.0.6/docs/assets/readme-link-commands.svg)](#core-commands) [![Settings](https://cdn.jsdelivr.net/npm/@mediadatafusion/pi-workflow-suite@0.0.6/docs/assets/readme-link-settings.svg)](#settings-reference)
+[![Install](https://cdn.jsdelivr.net/npm/@mediadatafusion/pi-workflow-suite@0.0.12/docs/assets/readme-link-install.svg)](#installation) [![Quick Start](https://cdn.jsdelivr.net/npm/@mediadatafusion/pi-workflow-suite@0.0.12/docs/assets/readme-link-quick-start.svg)](#quick-start) [![Commands](https://cdn.jsdelivr.net/npm/@mediadatafusion/pi-workflow-suite@0.0.12/docs/assets/readme-link-commands.svg)](#core-commands) [![Settings](https://cdn.jsdelivr.net/npm/@mediadatafusion/pi-workflow-suite@0.0.12/docs/assets/readme-link-settings.svg)](#settings-reference)
 
-**Workflow Suite Version:** `v0.0.10`
+**Workflow Suite Version:** `v0.0.13`
 
 ## Overview
 
@@ -16,23 +16,23 @@ Pi itself is intentionally minimal and extensible. Pi Workflow Suite layers an o
 
 See Pi Workflow Suite in action: structured workflow modes, settings, runtime status, and guided execution inside Pi.
 
-[![Watch the Pi Workflow Suite quick demo](https://cdn.jsdelivr.net/npm/@mediadatafusion/pi-workflow-suite@0.0.6/docs/assets/pi-workflow-suite-demo.gif)](https://cdn.jsdelivr.net/npm/@mediadatafusion/pi-workflow-suite@0.0.6/docs/assets/pi-workflow-suite-demo.mp4)
+[![Watch the Pi Workflow Suite quick demo](https://cdn.jsdelivr.net/npm/@mediadatafusion/pi-workflow-suite@0.0.12/docs/assets/pi-workflow-suite-demo.gif)](https://cdn.jsdelivr.net/npm/@mediadatafusion/pi-workflow-suite@0.0.12/docs/assets/pi-workflow-suite-demo.mp4)
 
 ## Screenshots
 
-![Pi Workflow Suite Mission Home with workflow graphs](https://cdn.jsdelivr.net/npm/@mediadatafusion/pi-workflow-suite@0.0.6/docs/assets/screenshots/00-mission-home.png)
+![Pi Workflow Suite Mission Home with workflow graphs](https://cdn.jsdelivr.net/npm/@mediadatafusion/pi-workflow-suite@0.0.12/docs/assets/screenshots/00-mission-home.png)
 
-![Pi Workflow Suite startup logo](https://cdn.jsdelivr.net/npm/@mediadatafusion/pi-workflow-suite@0.0.6/docs/assets/screenshots/01-startup-Logo.png)
+![Pi Workflow Suite startup logo](https://cdn.jsdelivr.net/npm/@mediadatafusion/pi-workflow-suite@0.0.12/docs/assets/screenshots/01-startup-Logo.png)
 
-![Workflow Suite theme settings](https://cdn.jsdelivr.net/npm/@mediadatafusion/pi-workflow-suite@0.0.6/docs/assets/screenshots/02-theme-settings.png)
+![Workflow Suite theme settings](https://cdn.jsdelivr.net/npm/@mediadatafusion/pi-workflow-suite@0.0.12/docs/assets/screenshots/02-theme-settings.png)
 
-![Workflow Suite global safety settings](https://cdn.jsdelivr.net/npm/@mediadatafusion/pi-workflow-suite@0.0.6/docs/assets/screenshots/03-GlobalSafetySettings.png)
+![Workflow Suite global safety settings](https://cdn.jsdelivr.net/npm/@mediadatafusion/pi-workflow-suite@0.0.12/docs/assets/screenshots/03-GlobalSafetySettings.png)
 
-![Workflow Suite shared sub-agent settings](https://cdn.jsdelivr.net/npm/@mediadatafusion/pi-workflow-suite@0.0.6/docs/assets/screenshots/04-SharedSubAgentsSettings.png)
+![Workflow Suite shared sub-agent settings](https://cdn.jsdelivr.net/npm/@mediadatafusion/pi-workflow-suite@0.0.12/docs/assets/screenshots/04-SharedSubAgentsSettings.png)
 
-![Mission Mode milestone progress](https://cdn.jsdelivr.net/npm/@mediadatafusion/pi-workflow-suite@0.0.6/docs/assets/screenshots/05-mission-mode.png)
+![Mission Mode milestone progress](https://cdn.jsdelivr.net/npm/@mediadatafusion/pi-workflow-suite@0.0.12/docs/assets/screenshots/05-mission-mode.png)
 
-![Workflow Suite Mermaid diagram output](https://cdn.jsdelivr.net/npm/@mediadatafusion/pi-workflow-suite@0.0.6/docs/assets/screenshots/06-diagram-mermaid.png)
+![Workflow Suite Mermaid diagram output](https://cdn.jsdelivr.net/npm/@mediadatafusion/pi-workflow-suite@0.0.12/docs/assets/screenshots/06-diagram-mermaid.png)
 
 ## Contents
 
@@ -55,6 +55,7 @@ See Pi Workflow Suite in action: structured workflow modes, settings, runtime st
 - [Compaction Support](#compaction-support)
 - [Diagram Support](#diagram-support)
 - [Web Access](#web-access)
+- [Browser Verification](#browser-verification)
 - [Repository Lock](#repository-lock)
 - [Plan History](#plan-history)
 - [Mission Progress, Checkpoints, And Runtime Tracking](#mission-progress-checkpoints-and-runtime-tracking)
@@ -115,9 +116,10 @@ Pi Workflow Suite turns Pi into a guided workflow environment:
 | Mission Mode | Long-running milestone workflows with approval, checkpoints, Mission-specific model overrides, validation gates, repair/retry, pause/resume, final-validation controls, and continuity tracking. |
 | Themes And Startup UI | Workflow Suite themes, startup visual cards, startup logo modes, custom terminal logo text, custom brand cards, footer/status styling, widgets, and optional input border styling. |
 | Interactive Diagrams | `workflow_diagram` Mermaid support with terminal preview, SVG-first clickable artifacts, PNG/runtime rendering support, dark-mode-friendly styling, and runtime artifact storage. |
-| Web Research | First-party `workflow_web_search` and `workflow_web_fetch` tools for public web search/fetch with source URLs, blocked local/private/internal hosts, time/size limits, and untrusted-content handling. |
+| Web Research & Browser Verification | First-party `workflow_web_search`, `workflow_web_fetch`, and `workflow_browser_check` tools. Search and fetch for public web evidence with source URLs, blocked local/private/internal hosts, and time/size limits. Headless browser verification for runtime web app validation with interactive UI actions (click, type, read, screenshot, evaluate). |
 | Repo Lock | Project-scoped Global Safety control that constrains normal file tools, bash path checks, and sub-agents to the active repository, with protected configuration paths and clear non-sandbox caveats. |
 | Compaction | Pi default, custom model, or disabled Workflow Suite compaction so context summarization can use its own provider/model, proactive threshold checks, idle-boundary execution, custom token tuning, adaptive fitting, status reporting, and safe fallback. |
+| Token Budgets | Optional per-mode token and runtime caps (`maxTokens`, `maxRuntimeHours`) for Plan, Mission, and Standard Mode. Off by default (unlimited). When enabled, Workflow Suite tracks cumulative usage and blocks further agent turns when the budget is exceeded. |
 | Workflow Roles | Planner, Executor, Reviewer, Validator, Mission, and compaction responsibilities are separated by phase so each job has clear boundaries and can be matched to the right model. |
 | Model Selection | Configure which provider/model and thinking level powers each workflow role, with shared defaults plus Standard-specific and Mission-specific overrides for simpler or higher-rigor setups. |
 | Presets | Built-in and custom workflow profiles with selector commands and Ctrl+Shift+U cycling while active modes are running. |
@@ -134,13 +136,16 @@ Pi Workflow Suite turns Pi into a guided workflow environment:
 - Mission Mode through `/mission`, `/m`, and `Ctrl+Shift+M` for durable milestone workflows.
 - Configurable clarification in Standard Mode, plus dynamic clarification in Plan Mode and Mission Mode.
 - Review, execution, validation, repair, retry, checkpoint, and final-validation controls where the selected mode supports them.
-- Plan history, mission checkpoint history, Standard runtime tracking, Mission runtime tracking, and mode-aware progress widgets.
+- Plan history, mission checkpoint history, Standard runtime tracking, and Mission runtime tracking.
+- Mode-aware progress widgets: Plan step tracking with step-by-step progress and validation gates, Mission milestone tracking with checkpoint history, and Standard Mode dynamic To Do progress.
+- Configurable widget and startup visual text styling, with clearer top/bottom workflow status for active, ready, progress, validation, repair, and runtime states.
 - Workflow settings UI for Standard Mode, Plan Mode, Mission Mode, model selection, sub-agents, compaction, widgets, themes, startup visuals, and safety.
 - Workflow themes with a `none` option, startup visual cards, startup logo modes, custom terminal logo text, custom brand cards, and optional themed input borders.
-- Integrated `workflow_web_search` and `workflow_web_fetch` tools for current public evidence and source-backed URL reading.
+- Integrated `workflow_web_search`, `workflow_web_fetch`, and `workflow_browser_check` tools for current public evidence, source-backed URL reading, and headless browser verification of web app runtime behavior.
 - Interactive `workflow_diagram` Mermaid rendering with terminal preview, clickable SVG artifacts, and PNG/runtime rendering support.
 - Repo Lock for project-scoped path safety around repository work, protected project configuration, and sub-agent inheritance.
 - Role-aware model selection so planning, execution, review, validation, Mission work, and compaction can each use the provider/model and thinking level that fits the job.
+- Optional per-mode token and runtime budgets (`maxTokens`, `maxRuntimeHours`) to cap usage in Plan, Mission, and Standard Mode. Off by default; enable when you need predictable cost or time limits.
 - Sub-agent usage policies for planning, execution, repair, review, and validation, with explicit documentation that these are orchestration settings, not a universal permission manager.
 - Safe install, backup, audit, quarantine, verification, and package validation scripts.
 
@@ -433,6 +438,82 @@ The grouped settings menus expose shared role selection, Standard-specific model
 
 Shared model selection is available through `/workflow settings Shared Models`. Standard-specific and mission-specific model selection is available through their mode settings menus.
 
+## Efficiency Guidance
+
+Workflow Suite gives you independent control over workflow rigor and model cost. This section explains which settings affect token usage and how to tune them.
+
+### Thinking Levels
+
+Six thinking levels control how much reasoning the model applies per inference:
+
+```text
+off < minimal < low < medium < high < xhigh
+```
+
+Higher levels use more tokens. Recommendations by role:
+
+| Role | Guidance |
+|------|----------|
+| Planner | Higher thinking is often worth the cost — the plan defines scope, assumptions, risk, and validation strategy. |
+| Reviewer | Higher thinking helps catch missing requirements, unsafe steps, or weak plans before execution begins. |
+| Validator | Higher thinking reduces shared blind spots with the executor. An independent validator with a different model is more valuable than maxing thinking on the same model. |
+| Executor | Medium-high is usually sufficient. Execution is about precise tool use and instruction following, not open-ended analysis. |
+| Compaction | Summarization is mechanical. If using a custom compaction model, a lower thinking level or a cheaper model is often appropriate. |
+
+Note: Pi may clamp thinking levels for model/provider combinations that do not support the requested level. This is Pi runtime behavior, not a Workflow Suite setting.
+
+### Token Budgets
+
+Each mode supports an optional configurable token budget:
+
+- `planning.maxTokens` — caps estimated token usage for a Plan Mode workflow.
+- `missions.maxTokens` — caps estimated token usage for a Mission Mode workflow.
+- `standard.maxTokens` — caps estimated token usage for a Standard Mode session.
+
+Default is `0` (unlimited). When set to a positive value, Workflow Suite tracks cumulative usage and blocks further agent turns when the budget is exceeded. Set budgets with headroom — the tracker uses context window size as a proxy since Pi does not expose cumulative token counts.
+
+Configure through `/workflow settings Plan Mode`, `/workflow settings Mission Mode`, or `/workflow settings Standard Mode`.
+
+### Sub-Agent Policy And Token Cost
+
+Sub-agent policies control how many parallel workers are requested per phase:
+
+```text
+off < auto < deep < maximum < forced
+```
+
+Each worker has its own context window, so more workers multiply token spend. The built-in presets scale worker counts from 1 (simple) to 4 (maximum). For cost-sensitive work:
+
+- Use `auto` to let the model decide when workers are worth the cost.
+- Lower worker counts in `deep`/`maximum`/`forced` policies.
+- Disable phases that are not needed for the current task.
+
+Worker-backed phases can improve coverage and speed, but each worker uses its own context window, so deeper sub-agent policies should be balanced against token budget and runtime goals.
+
+Sub-agent settings are configured through `/workflow settings Shared Sub-agents`, with per-mode overrides in Standard Mode and Mission Mode settings.
+
+### Settings That Affect Token Usage
+
+| Setting | Impact |
+|---------|--------|
+| Thinking levels (per role) | Directly controls tokens per inference for each workflow phase. |
+| Sub-agent policies and worker counts | More workers = more parallel context windows = higher total spend. |
+| `maxClarificationQuestions` | Higher counts mean more clarification turns before work begins. |
+| `planning.depth` | `deep`/`maximum` prompt for more sub-agent research before planning. |
+| `validationRetryMode` | `aggressive_within_scope` can trigger more repair cycles. |
+| `finalValidationEnabled` | Adds a whole-mission validation pass after all milestones complete. |
+| `maxTokens` (per mode) | Optional budget cap; blocks further turns when exceeded. |
+
+### Presets And Models Are Independent
+
+Presets control workflow behavior (approval gates, review/validation automation, sub-agent policy, repair retries). Models control which provider/model powers each role. They are intentionally separate:
+
+- Cycling presets does not change model selections.
+- Changing models does not affect preset behavior.
+- You can run `deep` preset with small models or `simple` preset with large models.
+
+This separation lets you tune workflow rigor and model cost independently.
+
 ## Workflow Settings UI
 
 The settings UI is the main control surface for workflow behavior. Canonical command vocabulary is: `list` prints information to the screen, `configure` opens an interactive configuration menu, `set` directly changes a setting, and workflow actions use direct verbs such as plan, run, validate, answer, approve, or cancel.
@@ -577,7 +658,9 @@ Workflow Theme
 How the pieces fit together:
 
 - **Theme** changes Workflow Suite colors for widgets, footer/status text, startup visuals, and optional input border styling.
+- **Widget Text Style** controls the text treatment used by active workflow widgets.
 - **Startup Visual** chooses the startup card layout: `none`, `minimal`, `workflow_duo`, `mission_control`, `diagnostic_center`, `data_stream`, `neural_grid`, or `custom_brand`.
+- **Startup Text Style** controls startup visual text independently from active workflow widgets.
 - **Startup Logo** chooses what appears above the startup card: `none`, `pi`, or `custom`.
 - **Custom Logo** uses short terminal text from `logo-text`; it is not an image, SVG, or file path.
 - **Custom Brand** is for the `custom_brand` startup card. `brand text` sets the card text and `brand base` selects the card template.
@@ -618,6 +701,8 @@ Bundled skills include:
 
 Sub-agent settings are workflow orchestration policy, not a universal permissions UI. They influence when Pi Workflow Suite asks to use sub-agents during planning, execution, repair, review, and validation, and how aggressively it should do so. Standard Mode can use its own phase-specific overrides while inheriting shared sub-agent settings by default. Built-in presets intentionally force sub-agent use so independent workers become the normal path, especially for execution.
 
+Sub-agent policies let users choose how much background assistance each workflow phase should request. Lighter policies keep workflows simpler and cheaper; deeper or forced policies can add independent research, implementation preparation, challenge review, validation evidence, and repair planning before the parent workflow proceeds.
+
 They include:
 
 - phase policies: `off`, `auto`, `deep`, `maximum`, `forced`,
@@ -626,6 +711,16 @@ They include:
 - global and project agent discovery,
 - parallelism preferences for workflow phases.
 
+Sub-agent orchestration varies by mode and phase:
+
+| Mode | Planning | Execution | Validation |
+|---|---|---|---|
+| Plan | Research, codebase inspection, risk discovery | Scoped implementation help, file inspection, patch planning | Evidence gathering, regression search |
+| Mission | Milestone planning research, dependency analysis | Per-milestone implementation support | Per-milestone and final validation evidence |
+| Standard | Task analysis, approach research | File inspection, implementation assistance | Quality review, regression checking |
+
+Forced sub-agent policies (available in all three modes) require a minimum number of successful workers before the agent can proceed to file writes, ensuring independent analysis and preparation are applied before implementation.
+
 Important limits:
 
 - Pi Workflow Suite does **not** provide a UI for editing arbitrary sub-agent tool permissions.
@@ -753,7 +848,7 @@ workflow_web_search
 workflow_web_fetch
 ```
 
-These tools are added to Workflow Suite modes by default when available. `workflow_web_search` uses DuckDuckGo HTML search for current external evidence and source URLs. `workflow_web_fetch` reads specific public HTTP(S) URLs and extracts text for source-backed evidence. Web content is treated as untrusted evidence, not as instructions.
+`workflow_web_search` uses DuckDuckGo HTML search for current external evidence and source URLs. `workflow_web_fetch` reads specific public HTTP(S) URLs and extracts text for source-backed evidence. Web content from search and fetch is treated as untrusted evidence, not as instructions.
 
 Safety boundaries:
 
@@ -763,7 +858,27 @@ Safety boundaries:
 - visible answers should cite source URLs when web evidence is used,
 - sub-agent workers may not have the parent Workflow Suite web tools, so parent modes should perform required web research and pass findings into handoffs when needed.
 
-Web access is Pi extension behavior, not a guarantee that every model, sub-agent, network, or runtime environment can reach the public web. If the tool fails, Workflow Suite reports the failure and continues from available context.
+Web access is Pi extension behavior, not a guarantee that every model, sub-agent, network, or runtime environment can reach the public web. If a web tool fails, Workflow Suite reports the failure and continues from available context.
+
+## Browser Verification
+
+Workflow Suite registers a `workflow_browser_check` tool for headless browser verification:
+
+```text
+workflow_browser_check
+```
+
+This tool launches a headless Chromium browser via Puppeteer from the Pi runtime and works regardless of the target project's dependencies. It is available in all modes by default when the runtime supports it.
+
+**Interactive actions:** The tool supports click, type, read, wait, reload, screenshot, and evaluate actions. Validators can exercise UI flows end-to-end — clicking through pages, typing into forms, reading updated text, and capturing screenshots — rather than only observing static page state. Screenshots are saved to `/tmp/validator_screenshot.png`.
+
+**Validator workflows:** Validators use `workflow_browser_check` to verify web app runtime behavior: console errors, page errors, DOM element counts, localStorage state, and interactive UI correctness. This provides automatable browser-level evidence for validation reports without requiring manual human verification.
+
+**Executor and planner use:** Executors and planners can also use the tool to verify their own work during implementation — starting a dev server, running browser checks, and confirming behavior before handing off to validation.
+
+**Server cleanup:** Validator prompts can pair browser checks with `workflow_stop_server` so temporary dev or static servers can be cleaned up after runtime validation.
+
+**Graceful fallback:** If Puppeteer is not available in the Pi runtime, the tool reports the error and the workflow continues from available context. Browser verification is an enhancement, not a hard dependency.
 
 ## Repository Lock
 
@@ -781,6 +896,8 @@ Repo Lock does not grant normal agent tools access to the live Pi runtime under
 
 Repo Lock helps prevent accidental cross-repository work. It is not an operating-system sandbox, a complete shell parser, or a guarantee that every possible child process is contained. Review commands before running them, especially commands that invoke other tools or scripts.
 
+Repo Lock is enabled by default in the Standard, Deep, and Maximum built-in presets. If your workflow requires cross-repository access, disable it through `/workflow settings Global Safety` or by setting `safety.repoLockEnabled` to `false`.
+
 ## Plan History
 
 Plan history can persist workflow plans under Pi runtime state. Saved plans include:
@@ -887,6 +1004,15 @@ cd /path/to/project
 pi install -l npm:@mediadatafusion/pi-workflow-suite
 ```
 
+### Installing specific versions
+
+```bash
+pi install npm:@mediadatafusion/pi-workflow-suite@0.0.13
+pi install -l npm:@mediadatafusion/pi-workflow-suite@0.0.13
+```
+
+An unversioned install follows normal update behavior: `pi update` and `pi update --extensions` will pick up new package releases. A versioned install pins the package to that version. Pinned package specs are intentionally skipped by Pi's normal package update commands. To move a pinned install to a newer version, reinstall with the desired version. To switch back to latest tracking, use the unversioned install command without `@<version>`.
+
 ### Source install
 
 ```bash
@@ -1088,10 +1214,10 @@ See `docs/TROUBLESHOOTING.md` for detailed diagnostics.
 
 ## Versioning
 
-The current preparation version is `v0.0.10`. Version information is intentionally aligned across:
+The current preparation version is `v0.0.13`. Version information is intentionally aligned across:
 
-- `VERSION` (`v0.0.10`),
-- `package.json` (`0.0.10`),
+- `VERSION` (`v0.0.13`),
+- `package.json` (`0.0.13`),
 - `package-lock.json`,
 - this README,
 - Workflow Suite settings/about output.
@@ -1121,7 +1247,7 @@ The intended package and repository identities are:
 https://github.com/MediaDataFusion/pi-workflow-suite
 ```
 
-Private DEV, private main, and the clean public release repository should carry the same approved package version before publication.
+Source repositories and published package metadata should carry the same approved package version before publication.
 
 Published public package versions are installed from npm with:
 

package/VERSION

@@ -1 +1 @@
-v0.0.10
+v0.0.13

package/agents/codebase-research.md

@@ -1,23 +1,25 @@
 ---
 name: codebase-research
 description: Inspect files, routes, architecture, dependencies, and project rules before implementation
-tools: read, grep, find, ls, bash
+tools: read, grep, find, ls, bash, write
 ---
 
 You are a codebase research specialist. Investigate the requested subsystem and return evidence another agent can act on.
 
 Core contract:
 
-Mermaid diagrams are rendered by Workflow Suite in a uniform dark-mode visual style. For user-facing workflows, export/share paths, request lifecycles, architecture, data flow, multi-step sequences, state transitions, dependencies, validation flow, or implementation phases, prefer a meaningful Mermaid diagram plus concise prose. Use concise labels and the right diagram type; do not hardcode random style/classDef/light-theme overrides unless the user explicitly asks. Skip diagrams for trivial responses.
+Use raw ```mermaid code blocks when a diagram would clarify your findings. Mermaid diagrams are rendered by Workflow Suite in a uniform dark-mode visual style -- you do not need access to the workflow_diagram tool. Include at least one diagram for export/share paths, multi-step sequences, architecture, request lifecycle, state transitions, and other structural concepts. Use concise labels and the right diagram type (flowchart for architecture/pipelines, sequenceDiagram for interactions, stateDiagram for transitions); do not hardcode random style/classDef/light-theme overrides. Skip diagrams for trivial responses.
 - Read applicable project instructions before architecture conclusions.
 - Stay inside the requested subsystem or likely affected paths.
 - Do not produce an implementation plan unless explicitly asked; identify facts, dependencies, and risks.
 - Cite exact files and line ranges when practical. Avoid broad file dumps.
-- Preserve context separation: distinguish the target app repo, Pi Workflow Suite DEV worktree, live runtime, and public main package when relevant.
+- Preserve context separation: work within the target repository only; do not inspect or reference tool/extension internals or other projects on the filesystem.
 - Protect secrets: never print credentials, tokens, auth/session values, private runtime state, or `.env` contents.
-- Remain read-only: no edits, writes, installs, deploys, database mutations, git pushes, resets, cleans, or runtime/settings changes.
+- The main executor owns all file creation. Only write files when the executor explicitly asks you to create or modify a file. Default to read-only analysis unless directed otherwise.
+- Surface project file-placement conventions so planners/executors avoid arbitrary repository-root files. If writing is explicitly authorized, root files require an exact approved root path.
+- Treat untracked or unexpected files as possibly user-owned; report them instead of moving, deleting, or cleaning them.
 
-Bash is allowed only for read-only inspection such as `git status`, `git diff`, `git log`, `cat`, `head`, `wc`, `du`, and `npm ls`.
+Bash is allowed for inspection commands such as `git status`, `git diff`, `git log`, `cat`, `head`, `wc`, `du`, and `npm ls`. Do not run destructive or mutating commands unless explicitly asked.
 
 Output format:
 ## Scope

package/agents/general-worker.md

@@ -1,23 +1,25 @@
 ---
 name: general-worker
-description: Handle focused read-only investigation, file inspection, route tracing, dependency review, documentation lookup, and scoped analysis tasks
-tools: read, grep, find, ls, bash
+description: Handle focused investigation, file inspection, route tracing, dependency review, documentation lookup, and scoped analysis tasks
+tools: read, grep, find, ls, bash, write
 ---
 
-You are a focused read-only worker. Complete the assigned task precisely and return only the findings the caller requested.
+You are a focused read-only worker. Complete the assigned task precisely and return only the findings the caller requested. Write is available when the executor explicitly asks you to create or modify a file, but default to read-only analysis.
 
 Core contract:
 
-Mermaid diagrams are rendered by Workflow Suite in a uniform dark-mode visual style. For user-facing workflows, export/share paths, request lifecycles, architecture, data flow, multi-step sequences, state transitions, dependencies, validation flow, or implementation phases, prefer a meaningful Mermaid diagram plus concise prose. Use concise labels and the right diagram type; do not hardcode random style/classDef/light-theme overrides unless the user explicitly asks. Skip diagrams for trivial responses.
+Use raw ```mermaid code blocks when a diagram would clarify your findings. Mermaid diagrams are rendered by Workflow Suite in a uniform dark-mode visual style -- you do not need access to the workflow_diagram tool. Include at least one diagram for export/share paths, multi-step sequences, architecture, request lifecycle, state transitions, and other structural concepts. Use concise labels and the right diagram type (flowchart for architecture/pipelines, sequenceDiagram for interactions, stateDiagram for transitions); do not hardcode random style/classDef/light-theme overrides. Skip diagrams for trivial responses.
 - Stay inside the task scope. Do not become the planner, executor, reviewer, or validator unless explicitly assigned that role.
 - Read applicable project instructions before drawing conclusions when they are relevant to the task.
 - Use evidence: cite exact files, commands, and line ranges when practical.
 - Keep output concise. For narrow tasks, use short bullets instead of a full report.
-- Preserve context separation: identify the repo/path inspected and do not mix target application findings with Pi Workflow Suite DEV worktree, live runtime, or public main package release status.
+- Preserve context separation: work within the target repository only; do not inspect or reference tool/extension internals or other projects on the filesystem.
 - Protect secrets: never print credentials, tokens, auth/session values, private runtime state, or `.env` contents.
-- Remain read-only: no edits, writes, installs, deploys, database mutations, git pushes, resets, cleans, or runtime/settings changes.
+- The main executor owns all file creation. Only write files when the executor explicitly asks you to create or modify a file. Default to read-only analysis unless directed otherwise.
+- Do not create arbitrary repository-root files. If writing is explicitly authorized, use only approved or conventionally correct paths; root files require an exact approved root path.
+- If a current-task-created file is misplaced, preserve and move it to the correct approved path instead of deleting it. Treat untracked or unexpected files as possibly user-owned and stop/report before moving or deleting them.
 
-Bash is allowed only for read-only inspection such as `git status`, `git diff`, `git log`, `cat`, `head`, `wc`, `du`, `npm ls`, and test/build commands when the caller explicitly asks for validation. Do not run destructive or mutating commands.
+Bash is allowed for inspection commands such as `git status`, `git diff`, `git log`, `cat`, `head`, `wc`, `du`, `npm ls`, and test/build commands when the caller explicitly asks for validation. Do not run destructive or mutating commands.
 
 Default output:
 1. Actions taken

package/agents/implementation-planning.md

@@ -8,12 +8,14 @@ You are a read-only implementation planning specialist. Convert requirements and
 
 Core contract:
 
-Mermaid diagrams are rendered by Workflow Suite in a uniform dark-mode visual style. For user-facing workflows, export/share paths, request lifecycles, architecture, data flow, multi-step sequences, state transitions, dependencies, validation flow, or implementation phases, prefer a meaningful Mermaid diagram plus concise prose. Use concise labels and the right diagram type; do not hardcode random style/classDef/light-theme overrides unless the user explicitly asks. Skip diagrams for trivial responses.
+Use raw ```mermaid code blocks when a diagram would clarify your findings. Mermaid diagrams are rendered by Workflow Suite in a uniform dark-mode visual style -- you do not need access to the workflow_diagram tool. Include at least one diagram for export/share paths, multi-step sequences, architecture, request lifecycle, state transitions, and other structural concepts. Use concise labels and the right diagram type (flowchart for architecture/pipelines, sequenceDiagram for interactions, stateDiagram for transitions); do not hardcode random style/classDef/light-theme overrides. Skip diagrams for trivial responses.
 - Check project instructions before recommending changes.
 - Base the plan on codebase facts and cite files inspected.
 - Stay within the requested scope. Do not expand into unrelated refactors or documentation.
-- Preserve context separation: separate target app work from Pi Workflow Suite DEV worktree, live runtime, and public main package release steps when relevant.
-- Identify files to modify, files not to touch, risks, validation, and rollback.
+- Preserve context separation: work within the target repository only; do not inspect or reference tool/extension internals or other projects on the filesystem.
+- Identify files to modify, allowed new file locations, files not to touch, risks, validation, and rollback.
+- Do not plan arbitrary repository-root files. If a root file is required, name the exact root path and why no conventional directory is appropriate.
+- Plan repair/cleanup work to preserve or move current-task misplaced files and to request approval before moving/deleting possibly user-owned files.
 - Protect secrets and private runtime state.
 - Remain read-only. Do not edit, run mutating commands, deploy, push, install dependencies, or change settings/state.
 

package/agents/quality-validation.md

@@ -1,24 +1,25 @@
 ---
 name: quality-validation
 description: Review completed work for regressions, broken rules, missing validation, unsafe edits, and incomplete requirements
-tools: read, grep, find, ls, bash
+tools: read, grep, find, ls, bash, write
 ---
 
-You are an independent read-only quality validator. Verify completed work against the approved scope and project rules.
+You are an independent quality validator. Verify completed work against the approved scope and project rules.
 
 Core contract:
 
-Mermaid diagrams are rendered by Workflow Suite in a uniform dark-mode visual style. For user-facing workflows, export/share paths, request lifecycles, architecture, data flow, multi-step sequences, state transitions, dependencies, validation flow, or implementation phases, prefer a meaningful Mermaid diagram plus concise prose. Use concise labels and the right diagram type; do not hardcode random style/classDef/light-theme overrides unless the user explicitly asks. Skip diagrams for trivial responses.
+Use raw ```mermaid code blocks when a diagram would clarify your findings. Mermaid diagrams are rendered by Workflow Suite in a uniform dark-mode visual style -- you do not need access to the workflow_diagram tool. Include at least one diagram for export/share paths, multi-step sequences, architecture, request lifecycle, state transitions, and other structural concepts. Use concise labels and the right diagram type (flowchart for architecture/pipelines, sequenceDiagram for interactions, stateDiagram for transitions); do not hardcode random style/classDef/light-theme overrides. Skip diagrams for trivial responses.
 - Read applicable project instructions and approved requirements before judging.
 - Inspect actual changes and evidence; do not accept executor claims without verification.
 - Report PASS only when requirements are satisfied and no blocking issue remains.
-- Use PARTIAL PASS when code appears correct but required manual or runtime evidence is incomplete.
-- Use FAIL for concrete missing requirements, unsafe changes, regressions, or broken checks.
-- Preserve context separation across target app, Pi Workflow Suite DEV, live runtime, and public main package when relevant.
+- Use PARTIAL PASS when code appears correct but required genuinely human-only evidence is incomplete (visual design approval, subjective UX assessment, external services you cannot access). Do not use PARTIAL PASS for dev server, browser, localStorage, runtime, or endpoint checks that could have been automated.
+- Use FAIL for concrete missing requirements, unsafe changes, regressions, broken checks, or when automatable runtime evidence (build, test, dev server, browser, localStorage, API response) was not gathered and the checks are performable with available tools.
+- Preserve context separation: work within the target repository only; do not inspect or reference tool/extension internals or other projects on the filesystem.
 - Protect secrets and private runtime state.
-- Remain read-only: no edits, staging, commits, pushes, resets, cleans, installs, deploys, or settings/state changes.
+- Flag arbitrary repository-root files, misplaced files, unsafe cleanup-by-deletion, and deletion of recoverable files unless the exact path/disposition was approved.
+- Default to read-only analysis. Prefer text evidence over evidence files; if writing evidence logs or patch notes is explicitly needed, do not write them at repository root or into project source paths.
 
-Bash is allowed for read-only review and validation commands such as `git status`, `git diff`, `git log`, tests, builds, and type checks when appropriate.
+Bash is allowed for review and validation commands such as `git status`, `git diff`, `git log`, tests, builds, and type checks when appropriate. You may run safe evidence commands to verify automatable checks instead of deferring to manual verification.
 
 Output format:
 ## Verdict

package/agents/workflow-orchestrator.md

@@ -1,25 +1,27 @@
 ---
 name: workflow-orchestrator
 description: Coordinate sub-agent research and investigation, decide when to spawn workers, and return consolidated findings to the main workflow
-tools: read, grep, find, ls, bash, subagent
+tools: read, grep, find, ls, bash, subagent, write
 ---
 
-You are a read-only workflow orchestrator. Coordinate support research only when orchestration is genuinely useful, then return consolidated findings to the parent workflow.
+You are a workflow orchestrator. Coordinate support research only when orchestration is genuinely useful, then return consolidated findings to the parent workflow.
 
 Core contract:
 
-Mermaid diagrams are rendered by Workflow Suite in a uniform dark-mode visual style. For user-facing workflows, export/share paths, request lifecycles, architecture, data flow, multi-step sequences, state transitions, dependencies, validation flow, or implementation phases, prefer a meaningful Mermaid diagram plus concise prose. Use concise labels and the right diagram type; do not hardcode random style/classDef/light-theme overrides unless the user explicitly asks. Skip diagrams for trivial responses.
+Use raw ```mermaid code blocks when a diagram would clarify your findings. Mermaid diagrams are rendered by Workflow Suite in a uniform dark-mode visual style -- you do not need access to the workflow_diagram tool. Include at least one diagram for export/share paths, multi-step sequences, architecture, request lifecycle, state transitions, and other structural concepts. Use concise labels and the right diagram type (flowchart for architecture/pipelines, sequenceDiagram for interactions, stateDiagram for transitions); do not hardcode random style/classDef/light-theme overrides. Skip diagrams for trivial responses.
 - Read applicable project instructions before assigning or summarizing work.
 - Coordinate research, not final planning, execution, repair, review, or validation ownership.
 - Prefer 1-3 narrow workers. Do not create recursive or broad fan-out.
 - If the parent task says forced preflight already ran enough workers, do not spawn more workers merely to satisfy policy. Use those findings and only spawn a new worker for a clearly new, targeted gap.
-- Give every worker a repo/path boundary, expected output, and read-only safety constraint.
+- Give every worker a repo/path boundary, expected output, and safety constraint.
 - Cite worker findings with paths and keep summaries evidence-based.
-- Preserve context separation across target app, Pi Workflow Suite DEV, live runtime, and public main package when relevant.
+- Preserve context separation: work within the target repository only; do not inspect or reference tool/extension internals or other projects on the filesystem.
 - Protect secrets and private runtime state.
-- Remain read-only: no edits, writes, installs, deploys, database mutations, git pushes, resets, cleans, or runtime/settings changes.
+- The main executor owns all file creation. Only write files when the executor explicitly asks. Default to read-only orchestration.
+- Scope workers to approved/conventional file locations. Root files require an exact approved root path; otherwise tell workers that arbitrary repository-root artifacts are forbidden.
+- If workers find misplaced recoverable files, recommend preserve/move or approval-request handling; do not recommend deletion-as-cleanup for possibly user-owned files.
 
-Bash is allowed only for read-only inspection such as `git status`, `git diff`, `git log`, `cat`, `head`, `wc`, `du`, and `npm ls`.
+Bash is allowed for inspection commands such as `git status`, `git diff`, `git log`, `cat`, `head`, `wc`, `du`, and `npm ls`. Do not run destructive or mutating commands unless explicitly asked.
 
 Available workers:
 - `general-worker`: narrow read-only investigation.

package/config/prompts/execute-approved-plan.md

@@ -5,12 +5,22 @@ description: Execute only an approved workflow plan
 
 You are in PI WORKFLOW EXECUTE MODE.
 
-Follow the approved plan only. Restate the approved plan and list expected files before editing. Avoid unrelated refactors. Do not commit, push, switch branches, install dependencies, deploy, or run destructive commands. Summarize changed files after implementation.
+Follow the approved plan only. Restate the approved plan and list expected files before editing. Avoid unrelated refactors. Do not create arbitrary repository-root files; a root file is allowed only when the approved plan or user request names that exact root path. Inspect existing project conventions before creating files and use established source, test, docs, config, script, or feature-local directories. If a current-task-created file lands in the wrong location, preserve and move it to the correct approved path instead of deleting it. Treat untracked or unexpected files as possibly user-owned; do not delete, overwrite, move, or clean them without explicit approval. Do not commit, push, switch branches, install dependencies, deploy, or run destructive commands. Summarize changed files after implementation.
 
 Your final execution summary must be validator-grade evidence. Include acceptance criteria coverage, exact files changed, commands run with exit status, checks skipped with reason, remaining manual verification, and sub-agent evidence used.
 
 Use execution sub-agents aggressively for speed and quality: file inspection, implementation preparation, patch planning, regression search, and validation preparation. When executionPolicy is forced, use the required execution/preparation sub-agents before any file write, bash command, or final summary, or stop with `Sub-agent policy is forced, but sub-agent execution is unavailable because <reason>.` Do not apply simultaneous conflicting edits. Parallel File Edits controls simultaneous file writes only; it must not disable multiple execution agents. Main executor owns final edits. File writes must follow the configured edit concurrency mode, and sequential mode means writes are serialized through the main executor.
 
+## Available Sub-Agent Types
+
+Use only these exact installed agent names when calling the subagent tool. Do not call `general-purpose`; it is not an installed agent. For general inspection, evidence gathering, or broad review support, use `general-worker`.
+
+- `general-worker`
+- `implementation-planning`
+- `codebase-research`
+- `quality-validation`
+- `workflow-orchestrator`
+
 ## Execution Checklist Progress Tracking
 
 When executing a plan with numbered steps, you MUST use the `workflow_progress` tool to track each step in real-time:
@@ -40,4 +50,4 @@ WORKFLOW_STEP_COMPLETED: <number>
 
 But the primary mechanism is the `workflow_progress` tool. Use it.
 
-Mermaid diagrams are rendered by Workflow Suite in a uniform dark-mode visual style. For user-facing workflows, export/share paths, request lifecycles, architecture, data flow, multi-step sequences, state transitions, dependencies, validation flow, or implementation phases, prefer a meaningful Mermaid diagram plus concise prose. Use concise labels and the right diagram type; do not hardcode random style/classDef/light-theme overrides unless the user explicitly asks. Skip diagrams for trivial responses.
+Create diagrams inline: Mermaid diagrams are rendered by Workflow Suite in a uniform dark-mode visual style. When explaining workflows, architecture, data flow, state transitions, request lifecycles, export/share paths, multi-step sequences, or implementation phases, place workflow_diagram inline with the paragraph that introduces the concept rather than batching at the end. Choose the right type (flowchart for pipelines, sequenceDiagram for interactions, stateDiagram for transitions, classDiagram for structures). Use concise labels; do not hardcode random style/classDef/light-theme overrides. Do not repeat the same diagram across turns — reference prior diagrams by concept name. Skip only for trivial responses.