@mmerterden/multi-agent-pipeline 10.7.0 → 10.7.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +23 -0
- package/README.md +56 -760
- package/package.json +1 -1
- package/pipeline/commands/multi-agent/autopilot.md +1 -1
- package/pipeline/commands/multi-agent/delete.md +4 -5
- package/pipeline/commands/multi-agent/dev-autopilot.md +1 -1
- package/pipeline/commands/multi-agent/dev-local-autopilot.md +1 -1
- package/pipeline/commands/multi-agent/dev-local.md +1 -1
- package/pipeline/commands/multi-agent/dev.md +1 -1
- package/pipeline/commands/multi-agent/local-autopilot.md +1 -1
- package/pipeline/commands/multi-agent/local.md +1 -1
- package/pipeline/commands/multi-agent/refs/phases.md +1 -1
- package/pipeline/commands/multi-agent/refs/picker-contract.md +6 -10
- package/pipeline/commands/multi-agent/refs/tracker-contract.md +0 -1
- package/pipeline/lib/ask-choice.sh +1 -1
- package/pipeline/scripts/gen-mode-dispatch.mjs +1 -1
- package/pipeline/skills/.skills-index.json +65 -20
- package/pipeline/skills/shared/README.md +1 -1
- package/pipeline/skills/shared/core/multi-agent-delete/SKILL.md +4 -4
- package/pipeline/skills/skills-index.md +24 -19
- package/pipeline/scripts/smoke-delete-flow.sh +0 -151
package/README.md
CHANGED
|
@@ -5,802 +5,98 @@
|
|
|
5
5
|
[](https://nodejs.org)
|
|
6
6
|
[](https://github.com/mmerterden/multi-agent-pipeline/blob/main/package.json)
|
|
7
7
|
|
|
8
|
-
8-phase AI development pipeline for **Claude Code** and **Copilot CLI**.
|
|
8
|
+
An 8-phase AI development pipeline for **Claude Code** and **Copilot CLI**. Drives a Jira issue or GitHub URL to a merged PR in one command — analysis → plan → TDD → review → test → commit → PR — with multi-repo orchestration, a plan-approval gate, CLI-aware parallel review, and store-compliance checks. Includes a generic Figma-to-Component pipeline for iOS (SwiftUI) and Android (Jetpack Compose).
|
|
9
9
|
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
| Surface | Count |
|
|
13
|
-
|---|---|
|
|
14
|
-
| Slash commands (colon-form `/multi-agent:*`) | 35 |
|
|
15
|
-
| Copilot skills (dash-form `multi-agent-*`) | 35 |
|
|
16
|
-
| Platforms (Claude Code, Copilot CLI) | 2 |
|
|
17
|
-
| Store-compliance skills (`apple-archive-compliance`, `google-play-compliance`) | 2 |
|
|
18
|
-
| Figma skills (iOS + Android + Common) | 41 |
|
|
19
|
-
| External skill catalog (`shared/external/`) | 143 |
|
|
20
|
-
| Total `SKILL.md` files across all groups | 221 |
|
|
21
|
-
| Smoke suites | 108 |
|
|
22
|
-
| Golden-task fixtures (`pipeline/eval/golden-tasks/`) | 8 |
|
|
23
|
-
| Eval-triage fixtures | 11 |
|
|
24
|
-
| JSON schemas | 16 |
|
|
25
|
-
| Agent personas | 8 |
|
|
26
|
-
| Pipeline phases | 8 |
|
|
27
|
-
|
|
28
|
-
> **Claude Code** and **Copilot CLI** run the full pipeline natively - the gate scripts + live tracker are installed to `~/.claude` / `~/.copilot`, and on Claude Code a `PreToolUse` hook hard-blocks on the secret scan.
|
|
29
|
-
|
|
30
|
-
> Security issue? See [SECURITY.md](./SECURITY.md). Please do not open public issues for vulnerabilities.
|
|
31
|
-
|
|
32
|
-
## Prerequisites
|
|
33
|
-
|
|
34
|
-
- Node.js 18+
|
|
35
|
-
- Claude Code (https://claude.ai/code) **or** GitHub Copilot CLI
|
|
36
|
-
- macOS, Linux, or Windows (Git Bash / WSL). Native credential storage everywhere:
|
|
37
|
-
- **macOS** → Keychain (`security`)
|
|
38
|
-
- **Linux** → libsecret (`secret-tool` - `apt install libsecret-tools` / `dnf install libsecret`)
|
|
39
|
-
- **Windows** → Credential Manager (PowerShell `CredentialManager` module - `Install-Module CredentialManager`)
|
|
40
|
-
- Runtime CLIs the pipeline shells out to:
|
|
41
|
-
- `gh` (GitHub CLI) for issue / PR flows
|
|
42
|
-
- `jq` for JSON parsing
|
|
43
|
-
- `python3` (stdlib only, used by the deterministic keychain helper)
|
|
44
|
-
- `bash` 4+
|
|
45
|
-
|
|
46
|
-
The package is **public on npmjs.org** - no auth, no PAT, no `~/.npmrc` setup needed:
|
|
47
|
-
|
|
48
|
-
```bash
|
|
49
|
-
npm view @mmerterden/multi-agent-pipeline version
|
|
50
|
-
# → prints "10.0.0" (or newer)
|
|
51
|
-
```
|
|
52
|
-
|
|
53
|
-
If `npm view` shows a stale version, run `npm cache clean --force` and retry.
|
|
54
|
-
|
|
55
|
-
> **New here?** Worked end-to-end transcripts live in [`examples/`](./examples/) - bug fix from Jira, feature in autopilot, `--dev` fast path, and recovery from a broken run. Read one before you run the pipeline on your own code.
|
|
56
|
-
>
|
|
57
|
-
> **Something broke?** [`docs/recovery-guide.md`](./docs/recovery-guide.md) is the single-page index of every failure mode (triage fallback, worktree collision, state corruption, identity rewind, etc.) and its fix.
|
|
58
|
-
>
|
|
59
|
-
> **Planning breaking changes?** [`ROADMAP.md`](./ROADMAP.md) tracks what's coming and what's been declined.
|
|
10
|
+
Runs natively on Claude Code and Copilot CLI. macOS / Linux / Windows. Zero runtime dependencies.
|
|
60
11
|
|
|
61
12
|
## Quick Start
|
|
62
13
|
|
|
63
|
-
### Option A - Install from source (recommended for development)
|
|
64
|
-
|
|
65
|
-
Clone the repo and run the installer directly - full read access to source files.
|
|
66
|
-
|
|
67
|
-
```bash
|
|
68
|
-
git clone git@github.com:mmerterden/multi-agent-pipeline.git
|
|
69
|
-
cd multi-agent-pipeline
|
|
70
|
-
npm install
|
|
71
|
-
node install.js # Claude Code (default)
|
|
72
|
-
node install.js --copilot # Copilot CLI
|
|
73
|
-
node install.js --all # Both Claude + Copilot
|
|
74
|
-
|
|
75
|
-
node install.js --link # Symlink mode (dev, saves ~10K tokens)
|
|
76
|
-
node install.js --all --dry-run # Preview every operation, write nothing
|
|
77
|
-
|
|
78
|
-
# Token-preserving uninstall (Keychain access tokens NEVER touched)
|
|
79
|
-
node install.js # ...later...
|
|
80
|
-
node pipeline/scripts/uninstall.mjs --dry-run # preview what would be removed
|
|
81
|
-
node pipeline/scripts/uninstall.mjs --yes # remove from every installed target
|
|
82
|
-
|
|
83
|
-
# Optional: expose the CLI globally as 'multi-agent-pipeline'
|
|
84
|
-
npm link
|
|
85
|
-
```
|
|
86
|
-
|
|
87
|
-
**IMPORTANT - run setup before your first task:**
|
|
88
|
-
|
|
89
|
-
```
|
|
90
|
-
/multi-agent:setup
|
|
91
|
-
```
|
|
92
|
-
|
|
93
|
-
This discovers your Keychain tokens (Jira, Bitbucket, GitHub, etc.), sets up your git identity, and maps everything into `~/.claude/multi-agent-preferences.json`. Without this step, the pipeline cannot find your tokens and will ask for them repeatedly.
|
|
94
|
-
|
|
95
|
-
Update later with `git pull && npm install` inside the clone. Pin to a specific version by checking out the corresponding tag (`git tag -l` to list).
|
|
96
|
-
|
|
97
|
-
### Option B - npx (public registry, no auth)
|
|
98
|
-
|
|
99
14
|
```bash
|
|
100
|
-
|
|
101
|
-
npx @mmerterden/multi-agent-pipeline install --
|
|
102
|
-
npx @mmerterden/multi-agent-pipeline install --all # Both native CLIs (Claude + Copilot)
|
|
103
|
-
npx @mmerterden/multi-agent-pipeline install --link # Symlink mode
|
|
104
|
-
npx @mmerterden/multi-agent-pipeline install --all --dry-run # Preview, write nothing
|
|
105
|
-
|
|
106
|
-
# Token-preserving uninstall
|
|
107
|
-
npx @mmerterden/multi-agent-pipeline uninstall # interactive, all targets
|
|
108
|
-
npx @mmerterden/multi-agent-pipeline uninstall --dry-run # preview only
|
|
109
|
-
```
|
|
15
|
+
# from the public registry (no auth)
|
|
16
|
+
npx @mmerterden/multi-agent-pipeline install --all # Claude Code + Copilot CLI
|
|
110
17
|
|
|
111
|
-
|
|
112
|
-
|
|
113
|
-
```bash
|
|
114
|
-
npm install -g @mmerterden/multi-agent-pipeline
|
|
115
|
-
multi-agent-pipeline install # same flags apply
|
|
18
|
+
# then, once:
|
|
19
|
+
/multi-agent:setup # keychain token scan + git identity + default stack
|
|
116
20
|
```
|
|
117
21
|
|
|
118
|
-
|
|
119
|
-
|
|
120
|
-
**Opt-in only.** The installer sends nothing by default. If you want to help the
|
|
121
|
-
project by sharing an anonymous install ping, opt in per-install with
|
|
122
|
-
`MULTI_AGENT_TELEMETRY=1`:
|
|
22
|
+
Run a task — the input type is auto-detected:
|
|
123
23
|
|
|
124
24
|
```bash
|
|
125
|
-
|
|
126
|
-
#
|
|
127
|
-
|
|
128
|
-
|
|
129
|
-
|
|
130
|
-
|
|
131
|
-
|
|
132
|
-
- Package name + version
|
|
133
|
-
- Install method (`source`, `npx`, `global`, `npm-install`)
|
|
134
|
-
- Flags passed (e.g. `--copilot`, `--all`)
|
|
135
|
-
- Your GitHub username (via `gh api user` if authenticated) and Git email
|
|
136
|
-
- Hostname, OS, arch, Node version
|
|
137
|
-
|
|
138
|
-
Nothing else is collected. Ping failures are silent - telemetry never blocks or
|
|
139
|
-
slows down the install.
|
|
140
|
-
|
|
141
|
-
## What's new
|
|
142
|
-
|
|
143
|
-
- **v10.4.0** (2026-07-02) - New `/multi-agent:finish` command: continue already-done LOCAL work through the pipeline tail in one shot — parallel review → build+test success gate → commit/push/PR → technical analysis + a Jira comment with test scenarios, without re-developing (phases 1-3 skipped). Pairs with `dev-local`/`local` (which skip Review + Test) or with hand-coded/hand-tested changes. Command inventory 34 → 35.
|
|
144
|
-
- **v10.3.0** (2026-07-02) - Android (Jetpack Compose) parity for the 10.2.0 interaction skills: `figma-navigation` / `figma-overlays` / `figma-bottom-sheets` now carry both a SwiftUI and a Compose section (Navigation Compose; Snackbar/AlertDialog/Dialog + state-driven loading; `ModalBottomSheet`), same emit-intent rules and `ui.*` config hooks on both platforms. Plus a review pass: corrected the `animated-gradient-border` snippet (animate `AngularGradient(angle:)` on a static shape, not `rotationEffect`) and genericized the sheet corner-radius example token.
|
|
145
|
-
- **v10.2.0** (2026-07-02) - Generic SwiftUI interaction coverage for figma-to-swiftui: three new cross-cutting integration skills (`figma-navigation`, `figma-overlays`, `figma-bottom-sheets`) + a reconcile-and-extend workflow (`figma-evolve-component`), all native-SwiftUI-first with an optional per-project `ui.*` config hook (so the same capabilities work on any SwiftUI codebase, no app-specific coupling). Phase 3D dev detection (§1.5.4) and Phase 4 review both consume them; `figma-to-swiftui` accessibility reference enriched with the VoiceOver-minimalism decision tree; new `animated-gradient-border` UI pattern. Figma-common skills 27 → 31, total figma skills 37 → 41.
|
|
146
|
-
- **v10.1.0** (2026-06-20) - Fable 5 retired (no longer available): the five heavy agent personas plus Phase 1 / Phase 2 / Phase 4 reviewer-1 + triage and `--dev` fast mode now route to Opus (top available tier); fallback ladder is `opus -> sonnet`. Per-task cost guard (`costBudget`) now defaults on in warn mode. Token economy: Phase 4 shared cache prefix + single-repo diff cap, Phase 1 light Explore tier for small bugfixes, triage prior-art injection capped.
|
|
147
|
-
- **v10.0.0** (2026-06-12) - quality major driven by a 10-category self-audit + competitive sweep: validator gates wired into phases 1/2/4 (fails closed), Phase 3 code-simplifier diff-shrink pass, Phase 4 lesson memory loop, Phase 2 cross-artifact consistency gate, skill frontmatter linter (repaired 31 SKILL.md), installer `--dry-run` + unknown-flag rejection, timeout-guarded smoke runner, adapter family deduplicated (~490 lines), CI hardening (blocking lint, npm audit, shellcheck), tag-driven npm release automation, CHANGELOG split (310KB -> 40KB).
|
|
148
|
-
- **v9.10.2** (2026-06-11) - live per-phase token narration on completion; tracker mandates per-phase cost lines in the final report.
|
|
149
|
-
- **v9.10.1** (2026-06-11) - Claude Fable 5 fallback contract: date gate, dispatch retry, and budget guard when the Fable tier is unavailable.
|
|
150
|
-
- **v9.10.0** (2026-06-11) - Claude Fable 5 adoption on the Claude Code side: the five heavy agent personas plus Phase 1 / Phase 2 / Phase 4 reviewer-1 + triage and `--dev` fast mode route to `claude-fable-5`; cost ledger gains `fable` pricing and fixes the stale `opus` entry.
|
|
151
|
-
|
|
152
|
-
Full version history lives in [CHANGELOG.md](./CHANGELOG.md) - every release entry is recorded there to avoid drift between the two files.
|
|
153
|
-
|
|
154
|
-
|
|
155
|
-
## Troubleshooting
|
|
156
|
-
|
|
157
|
-
### `sh: multi-agent-pipeline: command not found`
|
|
158
|
-
|
|
159
|
-
`npx` couldn't fetch the package. Most common causes:
|
|
160
|
-
|
|
161
|
-
- Network blocked or proxy in front of npmjs.org.
|
|
162
|
-
- Stale npx cache - `npx clear-npx-cache` then retry.
|
|
163
|
-
- Wrong package name (it is `@mmerterden/multi-agent-pipeline`, with the scope).
|
|
164
|
-
|
|
165
|
-
### `npm error code E404` on `registry.npmjs.org`
|
|
166
|
-
|
|
167
|
-
The package wasn't reachable. Quick checks:
|
|
168
|
-
|
|
169
|
-
```bash
|
|
170
|
-
curl -fsSL "https://registry.npmjs.org/@mmerterden/multi-agent-pipeline" | jq -r '."dist-tags".latest'
|
|
171
|
-
# Should print 10.0.0 (or newer)
|
|
172
|
-
```
|
|
173
|
-
|
|
174
|
-
- If this prints a version → your local npm cache is stale; run `npm cache clean --force` and retry.
|
|
175
|
-
- If it 404s → registry outage or scope/package-name typo. Verify the URL hits the JSON above.
|
|
176
|
-
|
|
177
|
-
### Older PAT / GitHub Packages docs
|
|
178
|
-
|
|
179
|
-
Earlier README revisions referenced GitHub Packages with a Classic PAT and `~/.npmrc` setup. The package moved to **public npmjs.org** in v8.6.1; no token, no `~/.npmrc` line is needed. If you set one up previously, you can leave it - it just won't be consulted.
|
|
180
|
-
|
|
181
|
-
## Tool support
|
|
182
|
-
|
|
183
|
-
The pipeline runs natively on **Claude Code** and **Copilot CLI** — the two CLIs it targets. Both install from the same `pipeline/skills/` source and get identical skill coverage.
|
|
184
|
-
|
|
185
|
-
| Tool | Install Flag | How It Works |
|
|
186
|
-
| --- | --- | --- |
|
|
187
|
-
| **Claude Code** | `--claude` (default) | Native: slash commands + shared + figma skills + agents + rules + scripts |
|
|
188
|
-
| **Copilot CLI** | `--copilot` | Native: instructions + shared + figma skills + scripts |
|
|
189
|
-
|
|
190
|
-
Skill tree:
|
|
191
|
-
|
|
192
|
-
- `pipeline/skills/shared/core/` - **orchestration skills** (`multi-agent-*` dash-form mirrors of the colon-form slash commands + compliance skills + orchestrator)
|
|
193
|
-
- `pipeline/skills/shared/external/` - **curated iOS / Android / generic guidance skills** (SwiftUI, Jetpack Compose, testing, performance, security, etc.) — also distributed as versioned marketplace plugins in `mmerterden/multi-agent-plugins`
|
|
194
|
-
- `pipeline/skills/figma-ios/` + `pipeline/skills/figma-android/` - **platform-specific Phase 3 sub-skills** (SwiftUI and Jetpack Compose code generation)
|
|
195
|
-
- `pipeline/skills/figma-common/` - **platform-agnostic Figma helpers** (iterate, commit, wiki setup, MCP auth, performance harness)
|
|
196
|
-
|
|
197
|
-
Filter the skill set by stack with `--platform=ios|android|all`. Both CLIs also receive the same `pipeline/scripts/` tree so single-CLI installs stay self-contained.
|
|
198
|
-
|
|
199
|
-
### Uninstall (token-preserving)
|
|
200
|
-
|
|
201
|
-
```bash
|
|
202
|
-
npx @mmerterden/multi-agent-pipeline uninstall # interactive, all installed targets
|
|
203
|
-
npx @mmerterden/multi-agent-pipeline uninstall --dry-run # preview, zero side effects
|
|
204
|
-
```
|
|
205
|
-
|
|
206
|
-
Personal access tokens stored in macOS Keychain / Windows Credential Manager / Linux libsecret are **never touched** by the uninstaller. Smoke tests enforce this with a static check that fails the build if the script ever references a credential-store deletion API.
|
|
207
|
-
|
|
208
|
-
## Pipeline Phases
|
|
209
|
-
|
|
210
|
-
```
|
|
211
|
-
Phase 0: Init - Project selection, branch setup, identity, worktree
|
|
212
|
-
Phase 1: Analysis - Stack detection, codebase exploration
|
|
213
|
-
Phase 2: Planning - Task decomposition, architecture review, user approval
|
|
214
|
-
Phase 3: Dev - TDD cycle: test → code → build
|
|
215
|
-
Phase 4: Review - Deterministic gates + parallel review + Opus triage
|
|
216
|
-
• Claude Code → Opus + Sonnet (2 paralel)
|
|
217
|
-
• Copilot CLI → GPT-5.4 + Opus + Sonnet (3 paralel)
|
|
218
|
-
Phase 5: Test - Optional manual testing + MCP device audits (on-demand)
|
|
219
|
-
Phase 6: Commit - Pre-commit local checkout prompt, git commit, push, PR creation
|
|
220
|
-
Phase 7: Report - External: Jira comment · Wiki + Figma screenshots · Confluence
|
|
221
|
-
Internal: Log · Knowledge + memory capture
|
|
222
|
-
```
|
|
223
|
-
|
|
224
|
-
### Full Pipeline Flow
|
|
225
|
-
|
|
226
|
-
```mermaid
|
|
227
|
-
flowchart TD
|
|
228
|
-
INPUT["🎯 <b>User Input</b><br/>Issue # · Jira URL · Free-text · jira · issue"]
|
|
229
|
-
|
|
230
|
-
subgraph SETUP ["Setup"]
|
|
231
|
-
P0["<b>Phase 0: Init</b><br/>Project detect · Worktree<br/>Branch · Identity · Task type"]
|
|
232
|
-
P1["<b>Phase 1: Analysis</b><br/>Parallel Explore agents<br/>Stack detection · Guide load"]
|
|
233
|
-
P2["<b>Phase 2: Planning</b><br/>Task decompose<br/>Architect review · User approval"]
|
|
234
|
-
end
|
|
235
|
-
|
|
236
|
-
subgraph DEVELOP ["Development"]
|
|
237
|
-
P3["<b>Phase 3: Dev</b><br/>🔴 RED: test<br/>🟢 GREEN: implement<br/>🔵 REFACTOR · Build pass"]
|
|
238
|
-
end
|
|
239
|
-
|
|
240
|
-
subgraph REVIEW ["Review"]
|
|
241
|
-
R1["<b>Opus</b><br/>Security<br/>Architecture"]
|
|
242
|
-
R2["<b>GPT-5.4</b><br/>Quality<br/>Edge cases"]
|
|
243
|
-
R3["<b>Sonnet</b><br/>Correctness<br/>Style"]
|
|
244
|
-
TRIAGE["<b>Opus Triage</b><br/>Filter noise · Deduplicate<br/>Forward actionable only"]
|
|
245
|
-
end
|
|
246
|
-
|
|
247
|
-
subgraph DELIVER ["Delivery"]
|
|
248
|
-
P5["<b>Phase 5: Test</b><br/>Manual test<br/>Device audits (on-demand)"]
|
|
249
|
-
P6["<b>Phase 6: Commit</b><br/>Secret scan · Commit<br/>Push · PR create"]
|
|
250
|
-
P7["<b>Phase 7: Report</b>"]
|
|
251
|
-
subgraph REPORT ["Phase 7 sub-steps"]
|
|
252
|
-
direction LR
|
|
253
|
-
H1["Jira comment<br/>(analysis + tests)"]
|
|
254
|
-
H2["Wiki + Figma<br/>screenshots"]
|
|
255
|
-
H3["Confluence<br/>(optional)"]
|
|
256
|
-
H4["Report · Log"]
|
|
257
|
-
H5["Knowledge +<br/>memory capture"]
|
|
258
|
-
end
|
|
259
|
-
P7 --> H1 --> H2 --> H3 --> H4 --> H5
|
|
260
|
-
end
|
|
261
|
-
|
|
262
|
-
INPUT --> P0
|
|
263
|
-
P0 --> P1
|
|
264
|
-
P1 --> P2
|
|
265
|
-
P2 --> P3
|
|
266
|
-
P3 --> R1 & R2 & R3
|
|
267
|
-
R1 & R2 & R3 --> TRIAGE
|
|
268
|
-
TRIAGE -->|"✅ Approved"| P5
|
|
269
|
-
TRIAGE -->|"🔧 Fix needed (≤3x)"| P3
|
|
270
|
-
P5 --> P6
|
|
271
|
-
P6 --> P7
|
|
272
|
-
|
|
273
|
-
style INPUT fill:#818cf8,stroke:#6366f1,color:#fff
|
|
274
|
-
style P3 fill:#fbbf24,stroke:#f59e0b,color:#000
|
|
275
|
-
style TRIAGE fill:#38bdf8,stroke:#0ea5e9,color:#000
|
|
276
|
-
style P7 fill:#4ade80,stroke:#22c55e,color:#000
|
|
277
|
-
style H1 fill:#fde68a,stroke:#f59e0b,color:#000
|
|
278
|
-
style H2 fill:#c084fc,stroke:#a855f7,color:#000
|
|
279
|
-
style H3 fill:#bae6fd,stroke:#0ea5e9,color:#000
|
|
280
|
-
```
|
|
281
|
-
|
|
282
|
-
### Operating Modes
|
|
283
|
-
|
|
284
|
-
```mermaid
|
|
285
|
-
flowchart LR
|
|
286
|
-
subgraph NORMAL ["Normal (Full 8-phase)"]
|
|
287
|
-
direction LR
|
|
288
|
-
N0[Init] --> N1[Analysis] --> N2[Planning] --> N3[Dev] --> N4[Review] --> N5[Test] --> N6[Commit] --> N7[Report]
|
|
289
|
-
end
|
|
290
|
-
|
|
291
|
-
subgraph DEV ["--dev (Fast, Opus)"]
|
|
292
|
-
direction LR
|
|
293
|
-
D0[Init] --> D3["Dev<br/>(Opus)"] --> D6[Commit] --> D7[Report]
|
|
294
|
-
end
|
|
295
|
-
|
|
296
|
-
subgraph AUTO ["autopilot (No confirmations)"]
|
|
297
|
-
direction LR
|
|
298
|
-
A0[Init] --> A1[Analysis] --> A2[Planning] --> A3[Dev] --> A4[Review] --> A6[Commit] --> A7[Report]
|
|
299
|
-
end
|
|
300
|
-
|
|
301
|
-
subgraph FAST ["--dev autopilot (Fastest)"]
|
|
302
|
-
direction LR
|
|
303
|
-
F0[Init] --> F3["Dev<br/>(Opus)"] --> F6["Commit<br/>(auto)"] --> F7[Report]
|
|
304
|
-
end
|
|
305
|
-
|
|
306
|
-
style D3 fill:#fbbf24,stroke:#f59e0b,color:#000
|
|
307
|
-
style F3 fill:#fbbf24,stroke:#f59e0b,color:#000
|
|
308
|
-
style F6 fill:#4ade80,stroke:#22c55e,color:#000
|
|
309
|
-
```
|
|
310
|
-
|
|
311
|
-
### Review Architecture (Phase 4)
|
|
312
|
-
|
|
313
|
-
```mermaid
|
|
314
|
-
flowchart TD
|
|
315
|
-
DIFF["📝 Code Diff"]
|
|
316
|
-
|
|
317
|
-
DIFF --> OPUS["<b>Opus</b><br/>🔒 Security · Architecture<br/>Data flow · Auth"]
|
|
318
|
-
DIFF --> GPT["<b>GPT-5.4</b><br/>✨ Code quality · Edge cases<br/>Error paths · Logic"]
|
|
319
|
-
DIFF --> SON["<b>Sonnet</b><br/>✅ Correctness · Best practices<br/>Naming · Style"]
|
|
320
|
-
|
|
321
|
-
OPUS --> TRIAGE
|
|
322
|
-
GPT --> TRIAGE
|
|
323
|
-
SON --> TRIAGE
|
|
324
|
-
|
|
325
|
-
TRIAGE["<b>Opus Triage</b><br/>Deduplicate findings<br/>Filter false-positives<br/>Reject out-of-scope<br/>Classify severity"]
|
|
326
|
-
|
|
327
|
-
TRIAGE -->|"✅ PASS"| NEXT["Phase 5: Test"]
|
|
328
|
-
TRIAGE -->|"🔧 FIX_REQUIRED"| BACK["Phase 3: Dev<br/>(retry ≤3x)"]
|
|
329
|
-
|
|
330
|
-
style DIFF fill:#818cf8,stroke:#6366f1,color:#fff
|
|
331
|
-
style TRIAGE fill:#38bdf8,stroke:#0ea5e9,color:#000
|
|
332
|
-
style NEXT fill:#4ade80,stroke:#22c55e,color:#000
|
|
333
|
-
style BACK fill:#f87171,stroke:#ef4444,color:#000
|
|
334
|
-
```
|
|
335
|
-
|
|
336
|
-
### Figma SubPhase Integration (Phase 3)
|
|
337
|
-
|
|
338
|
-
When `figmaConfigPath` is set in project preferences, Phase 3 dispatches the Figma-to-SwiftUI pipeline instead of standard TDD:
|
|
339
|
-
|
|
340
|
-
```mermaid
|
|
341
|
-
flowchart TD
|
|
342
|
-
P3["<b>Phase 3: Dev</b>"]
|
|
343
|
-
|
|
344
|
-
P3 -->|default| TDD["<b>Standard TDD</b><br/>RED → GREEN → REFACTOR → build"]
|
|
345
|
-
P3 -->|"figmaConfigPath set"| FIG
|
|
346
|
-
|
|
347
|
-
subgraph FIG ["Figma-to-SwiftUI Pipeline (17 SubPhases)"]
|
|
348
|
-
direction TB
|
|
349
|
-
|
|
350
|
-
subgraph INIT_G ["Init + Gather"]
|
|
351
|
-
S0["3.0 Init<br/>Parse URL · Branch · Assign"]
|
|
352
|
-
S1["3.1 Gather<br/>Fetch design context"]
|
|
353
|
-
end
|
|
354
|
-
|
|
355
|
-
subgraph PREP ["Preparation (parallel)"]
|
|
356
|
-
S2A["3.2A TestingIDs"]
|
|
357
|
-
S2B["3.2B Localization"]
|
|
358
|
-
S2C["3.2C Accessibility"]
|
|
359
|
-
S2D["3.2D Analytics"]
|
|
360
|
-
end
|
|
361
|
-
|
|
362
|
-
S3["3.3 Token Mapping<br/>Figma values → design tokens"]
|
|
363
|
-
|
|
364
|
-
subgraph IMPL ["Implementation (sequential)"]
|
|
365
|
-
S4A["3.4A Config"]
|
|
366
|
-
S4B["3.4B View"]
|
|
367
|
-
S4C["3.4C Docs"]
|
|
368
|
-
S4D["3.4D Preview"]
|
|
369
|
-
S4E["3.4E Modifiers"]
|
|
370
|
-
S4F["3.4F Wiki"]
|
|
371
|
-
end
|
|
372
|
-
|
|
373
|
-
subgraph TEST_G ["Testing"]
|
|
374
|
-
S5A["3.5A ViewInspector"]
|
|
375
|
-
S5B["3.5B Snapshot"]
|
|
376
|
-
S5C["3.5C Unit"]
|
|
377
|
-
end
|
|
378
|
-
|
|
379
|
-
S6["3.6 CodeConnect<br/>Figma ↔ code link"]
|
|
380
|
-
|
|
381
|
-
S0 --> S1
|
|
382
|
-
S1 --> S2A & S2B & S2C & S2D
|
|
383
|
-
S2A & S2B & S2C & S2D --> S3
|
|
384
|
-
S3 --> S4A --> S4B --> S4C --> S4D --> S4E --> S4F
|
|
385
|
-
S4F --> S5A --> S5B --> S5C
|
|
386
|
-
S5C --> S6
|
|
387
|
-
end
|
|
388
|
-
|
|
389
|
-
style P3 fill:#fbbf24,stroke:#f59e0b,color:#000
|
|
390
|
-
style TDD fill:#4ade80,stroke:#22c55e,color:#000
|
|
391
|
-
style S3 fill:#818cf8,stroke:#6366f1,color:#fff
|
|
392
|
-
style S6 fill:#c084fc,stroke:#a855f7,color:#000
|
|
25
|
+
/multi-agent "PROJ-1234" # Jira id → fetch, plan, build
|
|
26
|
+
/multi-agent "https://github.com/org/repo/issues/42" # GitHub issue URL
|
|
27
|
+
/multi-agent "my-app#42" # repo + issue number
|
|
28
|
+
/multi-agent "fix dark-mode contrast on LoginView" # free-text bug/feature
|
|
29
|
+
/multi-agent:jira # browse your open Jira issues → pick
|
|
30
|
+
/multi-agent:issue # browse unassigned GitHub issues → pick
|
|
393
31
|
```
|
|
394
32
|
|
|
395
|
-
|
|
33
|
+
Every input runs the same short intake — **account → (repo) → maturity check → dev-context** — then enters Phase 0. A Jira id or GitHub URL is fetched and maturity-checked *before* any code is written; free-text skips the fetch and goes straight to planning. Multi-repo tasks add extra repos at the dev-context step.
|
|
396
34
|
|
|
397
|
-
|
|
398
|
-
flowchart TD
|
|
399
|
-
CC["<b>Claude Code</b><br/>(Source of Truth)<br/><br/>~/.claude/commands/<br/>~/.claude/agents/<br/>~/.claude/scripts/"]
|
|
400
|
-
|
|
401
|
-
CC -->|"instructions + 206 skills + scripts"| COP["<b>Copilot CLI</b><br/>~/.copilot/skills/<br/>~/.copilot/scripts/<br/>copilot-instructions.md"]
|
|
402
|
-
CC -->|"genericized pipeline/"| REPO["<b>Pipeline Repo</b><br/>@mmerterden/<br/>multi-agent-pipeline"]
|
|
403
|
-
CC -.->|"optional"| WEB["<b>Website</b><br/>(your docs site)"]
|
|
404
|
-
CC -.->|"optional"| RC["<b>Remote Control</b><br/>(your dashboard)"]
|
|
405
|
-
|
|
406
|
-
REPO -->|"npm publish"| NPM["<b>GitHub Packages</b><br/>(npm)"]
|
|
407
|
-
WEB -->|"auto-deploy"| VERCEL["Vercel"]
|
|
408
|
-
|
|
409
|
-
style CC fill:#818cf8,stroke:#6366f1,color:#fff
|
|
410
|
-
style REPO fill:#fbbf24,stroke:#f59e0b,color:#000
|
|
411
|
-
style NPM fill:#4ade80,stroke:#22c55e,color:#000
|
|
412
|
-
style WEB fill:#38bdf8,stroke:#0ea5e9,color:#000
|
|
413
|
-
```
|
|
35
|
+
Add `autopilot` to skip confirmations, `--dev` for the fast dev-only path, or `--local` to work on the current branch without a worktree (e.g. `/multi-agent:autopilot "PROJ-1234"`).
|
|
414
36
|
|
|
415
|
-
|
|
37
|
+
Update later with `/multi-agent:update`. Uninstall (tokens preserved) with `npx @mmerterden/multi-agent-pipeline uninstall`.
|
|
416
38
|
|
|
417
|
-
|
|
418
|
-
|
|
419
|
-
```bash
|
|
420
|
-
# Pipeline tasks
|
|
421
|
-
/multi-agent "MOBILE-12345" # Jira issue
|
|
422
|
-
/multi-agent "#42" # GitHub issue
|
|
423
|
-
/multi-agent "Fix dark mode colors in LoginView" # Free-text
|
|
424
|
-
/multi-agent:dev "MOBILE-12345" # Fast mode (Opus)
|
|
425
|
-
/multi-agent:autopilot "MOBILE-12345" # Skip confirmations
|
|
426
|
-
/multi-agent:dev-autopilot "MOBILE-12345" # Zero interaction
|
|
427
|
-
|
|
428
|
-
# Helper commands
|
|
429
|
-
/multi-agent:status # List all tasks
|
|
430
|
-
/multi-agent:log 1 # Show task log
|
|
431
|
-
/multi-agent:resume 1 # Resume stopped task
|
|
432
|
-
/multi-agent:kill 1 # Delete task worktree
|
|
433
|
-
/multi-agent:review # Review current diff
|
|
434
|
-
/multi-agent:setup # Token + identity onboarding (asks promptLanguage + outputLanguage)
|
|
435
|
-
/multi-agent:language tr # Toggle pipeline languages (en / tr per axis)
|
|
436
|
-
/multi-agent:test # UI Bug Hunter
|
|
437
|
-
/multi-agent:channels "PR-url" # Post report (Jira / Confluence / Wiki / PR)
|
|
438
|
-
/multi-agent:search "query" # Full-text log search
|
|
439
|
-
/multi-agent:scan # Skill security scan
|
|
440
|
-
/multi-agent:refactor # Refactor planner
|
|
441
|
-
/multi-agent:update # Update pipeline
|
|
442
|
-
/multi-agent:sync # Sync ecosystem
|
|
443
|
-
/multi-agent:purge # Full reset (double-confirm)
|
|
444
|
-
|
|
445
|
-
# Flag syntax (equivalent to dedicated commands above)
|
|
446
|
-
/multi-agent "MOBILE-12345" --dev # same as :dev
|
|
447
|
-
/multi-agent "MOBILE-12345" --dev autopilot # same as :dev-autopilot
|
|
448
|
-
```
|
|
449
|
-
|
|
450
|
-
### Copilot CLI (Lite Mode)
|
|
451
|
-
|
|
452
|
-
Same pipeline logic, invoked via dash syntax (`multi-agent-*`).
|
|
453
|
-
|
|
454
|
-
```bash
|
|
455
|
-
# Pipeline tasks
|
|
456
|
-
multi-agent "MOBILE-12345" # Jira issue
|
|
457
|
-
multi-agent "#42" # GitHub issue
|
|
458
|
-
multi-agent "Fix dark mode colors in LoginView" # Free-text
|
|
459
|
-
multi-agent-dev "MOBILE-12345" # Fast mode (Opus)
|
|
460
|
-
multi-agent-autopilot "MOBILE-12345" # Skip confirmations
|
|
461
|
-
multi-agent-dev-autopilot "MOBILE-12345" # Zero interaction
|
|
462
|
-
|
|
463
|
-
# Helper commands
|
|
464
|
-
multi-agent-status # List all tasks
|
|
465
|
-
multi-agent-log 1 # Show task log
|
|
466
|
-
multi-agent-resume 1 # Resume stopped task
|
|
467
|
-
multi-agent-kill 1 # Delete task worktree
|
|
468
|
-
multi-agent-review # Review current diff
|
|
469
|
-
multi-agent-setup # Token + identity onboarding
|
|
470
|
-
multi-agent-test # UI Bug Hunter
|
|
471
|
-
multi-agent-channels "PR-url" # Post report (Jira / Confluence / Wiki / PR)
|
|
472
|
-
multi-agent-search "query" # Full-text log search
|
|
473
|
-
multi-agent-scan # Skill security scan
|
|
474
|
-
multi-agent-refactor # Refactor planner
|
|
475
|
-
multi-agent-update # Update pipeline
|
|
476
|
-
multi-agent-sync # Sync ecosystem
|
|
477
|
-
multi-agent-purge # Full reset (double-confirm)
|
|
478
|
-
```
|
|
39
|
+
## How it works
|
|
479
40
|
|
|
480
|
-
|
|
41
|
+
One command runs 8 phases, with a gate between the risky ones:
|
|
481
42
|
|
|
482
|
-
|
|
483
|
-
|
|
484
|
-
|
|
485
|
-
|
|
486
|
-
|
|
487
|
-
|
|
43
|
+
- **0 · Init** — parse the input (Jira id / GitHub URL / free text), pick account + repo(s), fetch the issue, run a maturity check.
|
|
44
|
+
- **1 · Analysis** — detect the stack, scan the codebase, map impact (Opus).
|
|
45
|
+
- **2 · Plan** — write a task breakdown and **stop for your approval** before touching code.
|
|
46
|
+
- **3 · Dev** — TDD: failing test → code → green, following the repo's style + the active stack skills.
|
|
47
|
+
- **4 · Review** — deterministic gates (build / lint / test / secret-scan) must pass first, then a **CLI-aware parallel review** — Claude Code runs 2 models (Fable + Sonnet), Copilot CLI runs 3 (GPT-5.4 + Opus + Sonnet) — and a **Fable triage** keeps only actionable findings; blockers loop back to Phase 3.
|
|
48
|
+
- **5 · Test** — build + run the suite; success is required (no faked passes).
|
|
49
|
+
- **6 · Commit/PR** — conventional commit, push (must succeed), open a PR (`Ref: #N`, never auto-close).
|
|
50
|
+
- **7 · Report** — technical summary + a Jira comment with test scenarios, posted through the channels layer.
|
|
488
51
|
|
|
489
|
-
|
|
52
|
+
Under the hood: each task runs in its own **git worktree** (or the current branch with `:local`), commits use the **git identity routed from the repo's origin URL**, and **multi-repo** tasks get per-repo worktrees plus an integration build. Tokens stay in the OS keychain; nothing is committed or logged. `/multi-agent:review` can also review an existing GitHub/Bitbucket PR — per-finding inline comments anchored to `file:line` + an explicit Approve / Needs-Work state.
|
|
490
53
|
|
|
491
54
|
## Modes
|
|
492
55
|
|
|
493
|
-
| Mode |
|
|
494
|
-
|
|
495
|
-
|
|
|
496
|
-
|
|
|
497
|
-
|
|
|
498
|
-
|
|
|
499
|
-
|
|
|
500
|
-
| Test | `/multi-agent:test` | `multi-agent-test` | UI Bug Hunter - visual + accessibility |
|
|
501
|
-
| Channels | `/multi-agent:channels <target>` | `multi-agent-channels <target>` | Post report to Jira / Confluence / Wiki / PR (multi-select, humanizer pass, reviewer-preserving) |
|
|
502
|
-
| Stack | `/multi-agent:stack ios` | `multi-agent-stack ios` | Select stack by enabling the matching marketplace plugin(s) |
|
|
503
|
-
| Language | `/multi-agent:language [prompt\|output] <en\|tr>` | `multi-agent-language [prompt\|output] <en\|tr>` | Toggle `promptLanguage` (interactive prompts) and/or `outputLanguage` (assistant explanations). External payloads stay English. |
|
|
56
|
+
| Mode | Command | Flow |
|
|
57
|
+
|---|---|---|
|
|
58
|
+
| Full | `/multi-agent "task"` | All 8 phases, interactive |
|
|
59
|
+
| Autopilot | `/multi-agent:autopilot "task"` | All 8 phases, no confirmations |
|
|
60
|
+
| Dev | `/multi-agent:dev "task"` | Init → Dev → Commit → Report |
|
|
61
|
+
| Local | `/multi-agent:local "task"` | Full pipeline, current branch (no worktree) |
|
|
62
|
+
| Finish | `/multi-agent:finish` | Run the review→test→commit→report tail over local work |
|
|
504
63
|
|
|
505
|
-
|
|
64
|
+
Helpers: `setup`, `status`, `resume #N`, `review`, `test`, `channels`, `stack`, `update`, `sync`, `jira`, `issue`, `analysis`. Full list: `/multi-agent:help`.
|
|
506
65
|
|
|
507
|
-
|
|
66
|
+
## Stacks
|
|
508
67
|
|
|
509
|
-
|
|
510
|
-
# Claude Code # Copilot CLI
|
|
511
|
-
/multi-agent:test # multi-agent-test
|
|
512
|
-
/multi-agent:test "dark mode" # multi-agent-test "dark mode"
|
|
513
|
-
/multi-agent:test "accessibility" # multi-agent-test "accessibility"
|
|
514
|
-
/multi-agent:test "dynamic type" # multi-agent-test "dynamic type"
|
|
515
|
-
/multi-agent:test "store-ready" # multi-agent-test "store-ready"
|
|
516
|
-
/multi-agent:test "biometric" # multi-agent-test "biometric"
|
|
517
|
-
/multi-agent:test "performance" # multi-agent-test "performance"
|
|
518
|
-
```
|
|
519
|
-
|
|
520
|
-
### How Audit Tools Work
|
|
521
|
-
|
|
522
|
-
All audits run via **direct Bash commands** - no MCP server dependency. Pipeline uses `xcrun simctl`, `adb`, `codesign`, `aapt2` etc. natively.
|
|
523
|
-
|
|
524
|
-
| Audit | What It Does | Command | When |
|
|
525
|
-
| --------------------- | ------------------------------------------------------ | ---------------------------- | ----------------------- |
|
|
526
|
-
| iOS Accessibility | Missing labels, small tap targets | `swift ui-tree-dumper.swift` | Phase 5 - user requests |
|
|
527
|
-
| Android Accessibility | Missing contentDescription, small touch targets | `adb shell uiautomator dump` | Phase 5 - user requests |
|
|
528
|
-
| iOS Biometric | Face ID / Touch ID success/failure | `xcrun simctl keychain` | Phase 5 - auth flow |
|
|
529
|
-
| Android Launch Time | Cold start time (ms) | `adb shell am start -W` | Phase 5 - performance |
|
|
530
|
-
| iOS Archive | App Store compliance: signing, debug tools, privacy | `codesign`, `plutil`, `nm` | Phase 6 - release |
|
|
531
|
-
| Android APK | Play Store compliance: target SDK, debuggable, signing | `aapt2`, `apksigner` | Phase 6 - release |
|
|
532
|
-
|
|
533
|
-
**Important**: Audits are **on-demand** - triggered by user, not automatic. Phase 4 does code-level accessibility review (free, no device needed). Phase 5/6 do device-level audits only when requested.
|
|
534
|
-
|
|
535
|
-
**No external dependencies** - only standard Xcode CLI tools (iOS) and Android SDK (Android). Platform guides include **compliance rules** that map 1:1 to audit checks - follow the guide, pass the audit.
|
|
536
|
-
|
|
537
|
-
## Stack Selection (marketplace plugins)
|
|
538
|
-
|
|
539
|
-
Stack skills ship as versioned plugins in the `{owner}/multi-agent-plugins` marketplace. Selecting a stack **enables the matching plugin(s)** in the repo's `.claude/settings.json` `enabledPlugins` — the stack toolkit plus `ai-common-engineering-toolkit` (cross-stack skills). This replaced the old `stack-swap.sh` mechanic (which physically moved skill directories on a SessionStart hook); enablement is now declarative, per-repo, and versioned.
|
|
68
|
+
Stack skills ship as versioned plugins in the [`mmerterden/multi-agent-plugins`](https://github.com/mmerterden/multi-agent-plugins) marketplace. Select a stack per-repo:
|
|
540
69
|
|
|
541
70
|
```bash
|
|
542
|
-
#
|
|
543
|
-
/multi-agent:stack multi-agent-stack # show enabled plugins
|
|
544
|
-
/multi-agent:stack ios multi-agent-stack ios # SwiftUI toolkit + common
|
|
545
|
-
/multi-agent:stack android multi-agent-stack android # Compose toolkit + common
|
|
546
|
-
/multi-agent:stack backend multi-agent-stack backend # Python/Node toolkit + common
|
|
547
|
-
/multi-agent:stack frontend multi-agent-stack frontend # React/TSX toolkit + common
|
|
548
|
-
/multi-agent:stack mobile multi-agent-stack mobile # iOS + Android + common
|
|
549
|
-
/multi-agent:stack all multi-agent-stack all # all four toolkits + common
|
|
71
|
+
/multi-agent:stack ios # or android / frontend / backend / mobile / all
|
|
550
72
|
```
|
|
551
73
|
|
|
552
|
-
|
|
553
|
-
|
|
554
|
-
## Setup
|
|
555
|
-
|
|
556
|
-
```bash
|
|
557
|
-
# 1. Install pipeline
|
|
558
|
-
npx @mmerterden/multi-agent-pipeline install --all
|
|
559
|
-
|
|
560
|
-
# 2. Configure
|
|
561
|
-
/multi-agent:setup # Claude Code
|
|
562
|
-
multi-agent-setup # Copilot CLI
|
|
563
|
-
# -> Jira project key (e.g., MOBILE, APP, ENG)
|
|
564
|
-
# -> Git identity (name + email)
|
|
565
|
-
# -> Keychain token scan + mapping
|
|
566
|
-
|
|
567
|
-
# That's it! Pipeline works standalone - no additional dependencies needed.
|
|
568
|
-
```
|
|
569
|
-
|
|
570
|
-
## Hooks & Context Management
|
|
571
|
-
|
|
572
|
-
Pipeline includes automated safety hooks and session optimization, configured during installation.
|
|
74
|
+
This enables the matching plugin (+ the shared `ai-common` plugin) in the repo's `.claude/settings.json`. Phase 1 auto-detects the stack for routing. New repos default to iOS.
|
|
573
75
|
|
|
574
|
-
|
|
575
|
-
|
|
576
|
-
A `PreToolUse` hook runs before every `git commit`, scanning staged files for:
|
|
577
|
-
|
|
578
|
-
- Hardcoded API keys, tokens, secrets
|
|
579
|
-
- AWS access keys (`AKIA...`)
|
|
580
|
-
- Private keys (RSA/EC/DSA/OPENSSH)
|
|
581
|
-
- `.env` files and credentials files
|
|
582
|
-
- Firebase/GCP service account JSON
|
|
583
|
-
|
|
584
|
-
If secrets are found, the commit is **blocked** with a clear message.
|
|
585
|
-
|
|
586
|
-
### Context Management
|
|
587
|
-
|
|
588
|
-
`CLAUDE_AUTOCOMPACT_PCT_OVERRIDE=65` triggers context compaction at 65% usage instead of the default ~80%. This prevents performance degradation in long 8-phase pipeline sessions.
|
|
589
|
-
|
|
590
|
-
### Local CI (pre-push)
|
|
591
|
-
|
|
592
|
-
**CI is local-only** via the `pre-push` git hook (no GitHub Actions).
|
|
593
|
-
Run the full gate manually anytime, or wire the hook to run it on every `git push`:
|
|
594
|
-
|
|
595
|
-
```bash
|
|
596
|
-
# One-off check
|
|
597
|
-
bash pipeline/scripts/pre-push-check.sh
|
|
598
|
-
|
|
599
|
-
# Install as a git hook - runs automatically on `git push`
|
|
600
|
-
ln -sf ../../pipeline/scripts/pre-push-check.sh .git/hooks/pre-push
|
|
601
|
-
chmod +x .git/hooks/pre-push
|
|
602
|
-
```
|
|
603
|
-
|
|
604
|
-
Runs unit tests, smoke suites, eval fixtures, schema validation, and lint - the same gate that used to run in CI. Bypass only in emergencies with
|
|
605
|
-
`git push --no-verify`.
|
|
606
|
-
|
|
607
|
-
### Scripts
|
|
608
|
-
|
|
609
|
-
| Script | Purpose |
|
|
610
|
-
| ---------------------- | ------------------------------------------------ |
|
|
611
|
-
| `pre-commit-check.sh` | Secret detection before commits |
|
|
612
|
-
| `build-stack-plugins.mjs` | Rebuild stack plugins from `shared/external`, bump changed plugin versions |
|
|
613
|
-
| `keychain-save.sh` | Save tokens/JSON to macOS Keychain (interactive) |
|
|
614
|
-
| `keychain.py` | Deterministic Python Keychain helper (get/set/delete/list/doctor); shell driver auto-delegates on macOS/Linux |
|
|
615
|
-
| `github-ssh-setup.sh` | GitHub SSH key generation + config |
|
|
616
|
-
| `ui-tree-dumper.swift` | iOS accessibility tree dumper for audits |
|
|
617
|
-
|
|
618
|
-
All scripts are installed to `~/.claude/scripts/` during setup.
|
|
619
|
-
|
|
620
|
-
## Platform Support
|
|
621
|
-
|
|
622
|
-
| Tier | Platform | Requirements |
|
|
623
|
-
| --------- | --------------------- | ----------------------------------------------------------- |
|
|
624
|
-
| Primary | macOS 13+ | Keychain-backed token storage, `xcodebuild`, `xcrun simctl` |
|
|
625
|
-
| Primary | Linux (Ubuntu 22.04+) | Token storage via env vars / `gh auth`; no Xcode features |
|
|
626
|
-
| Secondary | Windows (WSL2) | Same as Linux; Xcode features unavailable |
|
|
627
|
-
|
|
628
|
-
Node.js 18+ required everywhere. Git 2.38+ (for `git worktree` improvements) recommended.
|
|
629
|
-
|
|
630
|
-
## Testing
|
|
631
|
-
|
|
632
|
-
```bash
|
|
633
|
-
npm test
|
|
634
|
-
```
|
|
635
|
-
|
|
636
|
-
Runs **~1,300 assertions** across four layers:
|
|
637
|
-
|
|
638
|
-
| Layer | Count | What |
|
|
639
|
-
| ----------------- | ------------------------------ | -------------------------------------------------------- |
|
|
640
|
-
| Node unit tests | 92 tests across 19 suites | CLI routing, install helpers, settings.json hooks, security |
|
|
641
|
-
| Smoke suites | 73 scripts, ~1,210 assertions | End-to-end contract tests for every script and phase doc |
|
|
642
|
-
| Eval fixtures | 11 adversarial cases + 2 golden tasks | Semantic regression for triage classification + full pipeline replay |
|
|
643
|
-
| Schema validation | 13 schemas | Structural integrity of JSON schemas |
|
|
644
|
-
|
|
645
|
-
CI runs locally via the `pre-push` git hook (see **Scripts** above) - no GitHub Actions. Enable the hook once per clone with `ln -sf ../../pipeline/scripts/pre-push-check.sh .git/hooks/pre-push`.
|
|
646
|
-
|
|
647
|
-
## Key Features
|
|
648
|
-
|
|
649
|
-
Ten highlights - see [`docs/features.md`](docs/features.md) for the full catalog.
|
|
76
|
+
## Tool support
|
|
650
77
|
|
|
651
|
-
|
|
652
|
-
2. **CLI-aware parallel review + Opus triage** - Opus (security/architecture) + Sonnet (quality/correctness) run in parallel on Claude Code (2-model); Copilot CLI adds GPT-5.4 (edge cases/different perspective) for a 3-model set. A single Opus triage pass filters false-positives, rejects out-of-scope findings, and forwards only actionable items to Phase 3. Reviewer noise never auto-triggers rework.
|
|
653
|
-
3. **Bitbucket / GitHub PR automation** with default reviewers auto-injected, draft/ready prompt, body preservation (no literal `\n`, no HTML entities).
|
|
654
|
-
4. **`channels` command** posts task reports to Jira / Confluence / Wiki / PR with multi-select channel + content. Humanizer pass per-channel, reviewer-preserving Bitbucket PR PUT. Phase 7 delegates; also invocable post-hoc for fixes made outside the pipeline.
|
|
655
|
-
5. **Deterministic safety gates + pre-commit local-checkout prompt + runtime triage validator**: pre-commit secret scan (PreToolUse hook), xcodebuild lock queue, 3-iteration hard-kill on retry loops, "checkout locally and test before commit?" Phase 6 prompt, and a zero-dep Node validator that gates Phase 4 triage output on real exit codes - no longer just markdown guidance. Includes telemetry (metrics.jsonl + aggregator - GPT-5.4 reviewer metric emitted only on Copilot CLI) and a sync-parity script that catches Claude↔Copilot↔repo drift before it ships.
|
|
656
|
-
6. **Cross-session learning**: per-project knowledge base (architecture, patterns, gotchas) + user-level memory (feedback, project constraints, references).
|
|
657
|
-
7. **Schema-validated state + smoke-tested contracts**: `schemas/*.schema.json` for `agent-state.json` and preferences; `scripts/smoke-channels-flow.sh` guards body-preservation + Bitbucket PUT contract + multi-channel dispatch.
|
|
658
|
-
8. **Task Type Detection** - every task classified as component/bugfix/feature/refactor/chore at Phase 0 Step 9, used by every downstream phase for deterministic routing.
|
|
659
|
-
9. **SubPhase progress tracking** for specialized workflows - component generation (figma-to-swiftui) reports nested SubPhases under the parent main phase instead of inflating the top-level phase count.
|
|
660
|
-
10. **Interactive launchers**: `multi-agent-jira` lists your open Jira issues; `multi-agent-issue` lists unassigned GitHub issues. Pick one → choose branch → choose mode (full/--dev) → autopilot? → pipeline starts. GitHub issues are auto-assigned on selection.
|
|
78
|
+
The pipeline runs natively on **Claude Code** and **Copilot CLI** — both install from the same `pipeline/skills/` source and get identical coverage.
|
|
661
79
|
|
|
662
|
-
|
|
80
|
+
| Tool | Flag | Notes |
|
|
81
|
+
|---|---|---|
|
|
82
|
+
| Claude Code | `--claude` (default) | slash commands + skills + agents + `PreToolUse` secret-scan hook |
|
|
83
|
+
| Copilot CLI | `--copilot` | instructions + skills + scripts |
|
|
663
84
|
|
|
664
|
-
|
|
665
|
-
pipeline/
|
|
666
|
-
commands/
|
|
667
|
-
multi-agent.md Main orchestrator
|
|
668
|
-
sim-test.md Mobile UI Bug Hunter
|
|
669
|
-
figma-to-swiftui.md Figma -> SwiftUI component generator
|
|
670
|
-
deploy.md iOS deployment checklist
|
|
671
|
-
archive-guard.md .xcarchive App Store compliance scan
|
|
672
|
-
security-review.md Deep security audit
|
|
673
|
-
multi-agent/
|
|
674
|
-
help.md Usage guide
|
|
675
|
-
setup.md Token + identity + Jira key onboarding
|
|
676
|
-
status.md List all tasks
|
|
677
|
-
log.md Show task log
|
|
678
|
-
resume.md Resume stopped task
|
|
679
|
-
kill.md Delete task worktree
|
|
680
|
-
purge.md Full reset (double-confirm)
|
|
681
|
-
review.md Review current diff
|
|
682
|
-
channels.md Multi-channel reporter (Jira/Confluence/Wiki/PR)
|
|
683
|
-
jira.md Interactive Jira picker
|
|
684
|
-
issue.md Interactive GitHub issue picker
|
|
685
|
-
dev.md Fast mode (Opus)
|
|
686
|
-
autopilot.md Skip confirmations
|
|
687
|
-
dev-autopilot.md Fastest path (dev + autopilot)
|
|
688
|
-
test.md UI Bug Hunter
|
|
689
|
-
search.md Full-text log search
|
|
690
|
-
scan.md Skill security scanner
|
|
691
|
-
refactor.md Refactor planner
|
|
692
|
-
update.md Update pipeline
|
|
693
|
-
sync.md Sync ecosystem (Claude/Copilot/repo)
|
|
694
|
-
refs/
|
|
695
|
-
rules.md Global non-negotiable rules
|
|
696
|
-
keychain.md Token registry
|
|
697
|
-
knowledge.md Project knowledge system
|
|
698
|
-
audit-guide.md Audit tool integration rules
|
|
699
|
-
swiftui-guide.md iOS component guide + compliance rules
|
|
700
|
-
android-guide.md Android component guide + compliance rules
|
|
701
|
-
backend-guide.md Backend API guide
|
|
702
|
-
frontend-guide.md Frontend component guide
|
|
703
|
-
phases.md Phase reference + ASCII flow diagram
|
|
704
|
-
phases/
|
|
705
|
-
phase-0-init.md Project setup (8-step interactive)
|
|
706
|
-
phase-1-analysis.md Stack detection + codebase exploration
|
|
707
|
-
phase-2-planning.md Task decomposition + architecture review
|
|
708
|
-
phase-3-dev.md TDD development + build queue
|
|
709
|
-
phase-4-review.md Gates + code review + accessibility check
|
|
710
|
-
phase-5-test.md User testing + device audits (on-demand)
|
|
711
|
-
phase-6-commit.md Commit + PR (reviewers + draft prompt)
|
|
712
|
-
phase-7-report.md External (Jira/Wiki/Confluence) + internal log + knowledge + memory
|
|
713
|
-
modes.md Autopilot, --dev, --local
|
|
714
|
-
operations.md Kill, resume, purge
|
|
715
|
-
log-format.md Log file spec
|
|
716
|
-
skills/
|
|
717
|
-
shared/
|
|
718
|
-
core/ 22 orchestration skills (multi-agent-*) - pipeline-critical; changes here affect pipeline
|
|
719
|
-
behavior directly.
|
|
720
|
-
external/ 127 iOS/Android/generic guidance skills imported
|
|
721
|
-
from upstream (mirrors of third-party skill sets
|
|
722
|
-
- SwiftUI, Compose, Kotlin, Swift, web, backend,
|
|
723
|
-
CI/CD, HIG, etc.).
|
|
724
|
-
figma-common/ Platform-agnostic Figma pipeline shared steps
|
|
725
|
-
figma-ios/ Figma → SwiftUI component generator (iOS)
|
|
726
|
-
figma-android/ Figma → Jetpack Compose component generator (Android)
|
|
727
|
-
schemas/ JSON Schemas
|
|
728
|
-
agent-state.schema.json Validates $HOME/.claude/logs/.../agent-state.json
|
|
729
|
-
prefs.schema.json Validates $HOME/.claude/multi-agent-preferences.json
|
|
730
|
-
triage-output.schema.json Validates Phase 4 triage output
|
|
731
|
-
token-budget.json Per-phase token limits + warn thresholds
|
|
732
|
-
agents/
|
|
733
|
-
code-reviewer.md Phase 4 reviewer (CLI-aware: 2-model Claude / 3-model Copilot + Opus triage)
|
|
734
|
-
explorer.md Phase 1 codebase scanner
|
|
735
|
-
ios-architect.md iOS architecture review
|
|
736
|
-
android-architect.md Android architecture review
|
|
737
|
-
backend-architect.md Backend/API architecture review
|
|
738
|
-
security-auditor.md Security audit (OWASP)
|
|
739
|
-
rules/
|
|
740
|
-
code-style.md Naming, structure, patterns
|
|
741
|
-
git-conventions.md Commit messages, branching
|
|
742
|
-
testing.md Test naming, structure, coverage
|
|
743
|
-
tdd.md Red-Green-Refactor, testing pyramid
|
|
744
|
-
code-review.md Review priority, severity, checklist
|
|
745
|
-
security.md Keychain, ATS, credentials, privacy
|
|
746
|
-
performance.md Bottlenecks, caching strategy
|
|
747
|
-
debugging.md Scientific debugging method
|
|
748
|
-
app-store-guidelines.md App Store Review Guidelines
|
|
749
|
-
figma-pipeline.md Figma -> SwiftUI generation rules
|
|
750
|
-
swiftui-qa.md 3-layer test strategy, 13-item checklist
|
|
751
|
-
kotlin-android.md Kotlin & Android conventions
|
|
752
|
-
eval/
|
|
753
|
-
triage/
|
|
754
|
-
01-10/ 10 adversarial eval fixtures
|
|
755
|
-
scripts/
|
|
756
|
-
pre-commit-check.sh Secret detection hook
|
|
757
|
-
build-stack-plugins.mjs Rebuild stack plugins + version bump
|
|
758
|
-
keychain-save.sh Save tokens/JSON to macOS Keychain
|
|
759
|
-
github-ssh-setup.sh GitHub SSH key generation + setup
|
|
760
|
-
ui-tree-dumper.swift iOS accessibility tree dumper
|
|
761
|
-
eval-triage.mjs Eval runner for triage fixtures
|
|
762
|
-
validate-triage.mjs Runtime triage validator
|
|
763
|
-
validate-schemas.mjs Zero-dep shallow validator for *.schema.json
|
|
764
|
-
aggregate-metrics.mjs Telemetry aggregator
|
|
765
|
-
log-metric.sh Telemetry metric logger
|
|
766
|
-
phase-banner.sh Phase banner UI renderer
|
|
767
|
-
phase-tracker.sh Phase progress tracker
|
|
768
|
-
sync-parity-check.sh Claude↔Copilot↔repo parity checker
|
|
769
|
-
smoke-*.sh Contract smoke tests (10 suites, 115 assertions)
|
|
770
|
-
claude-md-template.md CLAUDE.md starter template
|
|
771
|
-
preferences-template.json Empty config template
|
|
772
|
-
|
|
773
|
-
docs/
|
|
774
|
-
features.md Full feature catalog
|
|
775
|
-
adr/ Architecture Decision Records (0001+)
|
|
776
|
-
|
|
777
|
-
CHANGELOG.md Version history
|
|
778
|
-
docs/architecture.md Mermaid diagrams: pipeline flow, modes, components
|
|
779
|
-
docs/best-practices.md Competitor-informed patterns and pipeline rules
|
|
780
|
-
SECURITY.md Vulnerability reporting policy
|
|
781
|
-
```
|
|
85
|
+
Filter skills by stack with `--platform=ios\|android\|all`.
|
|
782
86
|
|
|
783
|
-
##
|
|
87
|
+
## Setup notes
|
|
784
88
|
|
|
785
|
-
|
|
89
|
+
- **Tokens** stay in the OS keychain (macOS Keychain / Windows Credential Manager / Linux libsecret) and are never committed or logged. `setup` maps them into `~/.claude/multi-agent-preferences.json`.
|
|
90
|
+
- **Secret scan** runs as a `PreToolUse` hook on Claude Code (hard-blocks a commit on a hit) and as a pre-push check elsewhere.
|
|
91
|
+
- **All tokens are optional** — the pipeline asks for any it needs at Phase 0.
|
|
786
92
|
|
|
787
|
-
|
|
788
|
-
# Claude Code # Copilot CLI
|
|
789
|
-
/multi-agent:sync # multi-agent-sync
|
|
790
|
-
/multi-agent:sync status # multi-agent-sync status
|
|
791
|
-
/multi-agent:sync to-copilot # multi-agent-sync to-copilot
|
|
792
|
-
/multi-agent:sync to-repo # multi-agent-sync to-repo
|
|
793
|
-
/multi-agent:sync release # multi-agent-sync release
|
|
794
|
-
```
|
|
93
|
+
## Companion repos
|
|
795
94
|
|
|
796
|
-
|
|
|
797
|
-
|
|
798
|
-
|
|
|
799
|
-
|
|
|
800
|
-
| **Pipeline Repo** | Genericized open-source version (no personal data) |
|
|
801
|
-
| **Website** | Version, phase/model counts, feature strings (EN+TR) |
|
|
802
|
-
| **Remote Control** | Pipeline feature references |
|
|
95
|
+
| Repo | What it is |
|
|
96
|
+
|---|---|
|
|
97
|
+
| [`mmerterden/multi-agent-plugins`](https://github.com/mmerterden/multi-agent-plugins) | Marketplace of per-stack skill toolkits (iOS / Android / Frontend / Backend + common). `/multi-agent:stack` enables the matching plugin. |
|
|
98
|
+
| [`mmerterden/dev-toolkit-mcp`](https://github.com/mmerterden/dev-toolkit-mcp) | MCP server for UI testing / simulator capture / xcodebuild — powers the Phase 5 UI Bug Hunter. `npx @mmerterden/dev-toolkit-mcp` |
|
|
803
99
|
|
|
804
100
|
## License
|
|
805
101
|
|
|
806
|
-
MIT
|
|
102
|
+
MIT — see [LICENSE](./LICENSE). Security issues: see [SECURITY.md](./SECURITY.md) (do not open public issues for vulnerabilities).
|