@nklisch/pi-agile-workflow 0.16.1 → 0.16.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (33) hide show
  1. package/.claude-plugin/plugin.json +1 -1
  2. package/.codex-plugin/plugin.json +1 -1
  3. package/docs/ARCHITECTURE.md +23 -11
  4. package/docs/PRINCIPLES.md +84 -18
  5. package/docs/SPEC.md +19 -2
  6. package/docs/VISION.md +11 -6
  7. package/hooks/scripts/prompt-context.py +7 -1
  8. package/hooks/scripts/test_prompt_context.py +16 -0
  9. package/package.json +1 -1
  10. package/scripts/work-view.sh +1 -1
  11. package/skills/autopilot/SKILL.md +49 -34
  12. package/skills/convert/SKILL.md +27 -3
  13. package/skills/epic-design/SKILL.md +21 -3
  14. package/skills/feature-design/SKILL.md +34 -11
  15. package/skills/gate-cruft/SKILL.md +69 -24
  16. package/skills/gate-docs/SKILL.md +12 -5
  17. package/skills/gate-patterns/SKILL.md +7 -3
  18. package/skills/gate-refactor/SKILL.md +18 -6
  19. package/skills/gate-security/SKILL.md +16 -7
  20. package/skills/gate-tests/SKILL.md +86 -71
  21. package/skills/implement/SKILL.md +18 -8
  22. package/skills/principles/SKILL.md +67 -13
  23. package/skills/principles/references/advisory-review.md +8 -1
  24. package/skills/principles/references/code-design.md +62 -5
  25. package/skills/refactor-design/SKILL.md +23 -13
  26. package/skills/review/SKILL.md +36 -17
  27. package/skills/review/references/substrate-side-effects.md +17 -10
  28. package/skills/scope/SKILL.md +20 -7
  29. package/work-view/crates/cli/.work-view-version +1 -1
  30. package/work-view/dist/aarch64-apple-darwin/work-view +0 -0
  31. package/work-view/dist/aarch64-unknown-linux-musl/work-view +0 -0
  32. package/work-view/dist/x86_64-apple-darwin/work-view +0 -0
  33. package/work-view/dist/x86_64-unknown-linux-musl/work-view +0 -0
@@ -1,10 +1,11 @@
1
1
  ---
2
2
  name: gate-tests
3
3
  description: >
4
- Test-quality gate that scans items bound to a release for test coverage gaps. Delegates the full
5
- analysis to a deep test scanner agent which derives expected coverage from each bound item's
6
- acceptance criteria (NOT from implementation code), maps existing test coverage, identifies gaps,
7
- and returns findings. The orchestrator converts findings into gate_origin:tests items in
4
+ Test-quality gate focused on release-bound items that may follow relevant evidence into adjacent
5
+ interfaces and test systems. Derives useful coverage from contracts, risk, and bug history—not
6
+ line coverage—and identifies both valuable gaps and low-value tests worth removing. Delegates the
7
+ analysis to a deep test scanner agent, which maps existing coverage and
8
+ returns findings. The orchestrator converts findings into gate_origin:tests items in
8
9
  .work/active/. Auto-triggers during /agile-workflow:release-deploy.
9
10
  ---
10
11
 
@@ -24,16 +25,18 @@ in the release body.
24
25
 
25
26
  ## Core principle
26
27
 
27
- The gate's principle: **tests derive from specs, not implementations**. Each
28
- bound item's acceptance criteria IS the spec. The scanner verifies those
29
- criteria are covered, finds gaps, and returns them. It also checks the seams
30
- BETWEEN bound items integration coverage where one item's output feeds
31
- another.
28
+ The gate's principle: **tests must earn their upkeep**. Tests derive from
29
+ stable contracts, meaningful risks, and regressions learned from real bugs—not
30
+ from implementation shape or a demand to cover every line. Prefer important
31
+ public interfaces and cross-item seams. Unit tests belong around genuinely
32
+ complex isolated logic, not every wrapper or branch. The gate identifies both
33
+ high-value gaps and duplicate, tautological, brittle, obsolete, or
34
+ implementation-bound tests that should be removed.
32
35
 
33
- Tests derived from reading implementation code are tautological they verify
34
- that the code does what the code does. Tests derived from specs verify what
35
- the code *should* do. That's where bugs live. The scanner brief enforces this
36
- discipline.
36
+ Bound items are the focus, not a hard scan boundary. Follow concrete evidence
37
+ into adjacent interfaces, shared test infrastructure, dependencies, or a whole
38
+ test/check system when needed. Bind findings to the release only when materially
39
+ relevant; route ambient discoveries to the unbound backlog.
37
40
 
38
41
  ## Trigger
39
42
 
@@ -90,8 +93,10 @@ test-design techniques to find gaps, and returns structured findings.
90
93
  **Brief template**:
91
94
 
92
95
  > You are conducting a test-quality gate for release `<version>`. Core
93
- > principle: **tests derive from specs, not implementations**. Each bound
94
- > item's acceptance criteria IS the spec.
96
+ > principle: **tests must earn their upkeep**. Derive tests from stable
97
+ > contracts, meaningful risk, and bug regressions—not implementation shape or
98
+ > universal coverage. Acceptance criteria are evidence of intent, not a mandate
99
+ > for one automated test per statement.
95
100
  >
96
101
  > Use read/search/shell tools as needed. Do not spawn nested sub-agents or implement
97
102
  > fixes.
@@ -143,32 +148,35 @@ test-design techniques to find gaps, and returns structured findings.
143
148
  > - Implementation units / unit names
144
149
  > - Public interface surface (functions, types, endpoints exposed)
145
150
  >
146
- > These four axes plus the explicit acceptance criteria form the spec.
151
+ > These axes and acceptance criteria describe candidate behavior. Rank them
152
+ > by consequence, stability, complexity, and demonstrated failure history
153
+ > before deciding that automated coverage is worthwhile.
147
154
  >
148
- > 2. **Map existing test coverage.** For each bound item, find tests that
155
+ > 2. **Map existing test value and coverage.** For each bound item, find tests that
149
156
  > reference its implementation. For files changed by item `<id>`, list all
150
157
  > tests covering those files. For each test, identify which acceptance
151
- > criterion or behavioral contract it verifies. Cite file:line. Note any
152
- > tests that appear to mirror implementation step-by-step (tautological —
153
- > should be reworked or deleted). Do NOT read implementation bodies; only
154
- > test files and types. Read 2-3 key test files yourself to verify the map.
158
+ > criterion, interface, regression, or complex unit it protects. Cite
159
+ > file:line. Flag tests that mirror implementation step-by-step, duplicate
160
+ > stronger interface coverage, exercise trivial wrappers, or protect obsolete
161
+ > behavior; recommend deletion when removal preserves useful confidence.
162
+ > Read implementation only to establish complexity, interfaces, or whether a
163
+ > test is coupled to internals—not to invent an assertion target. Read 2-3
164
+ > key test files yourself to verify the map.
155
165
  >
156
- > 3. **Apply test-design techniques** for each acceptance criterion not
157
- > covered by tests:
158
- > - **Equivalence partitioning** — one test per valid partition, one per
159
- > invalid
160
- > - **Boundary value analysis** — for ranges: just-below, at, just-above
161
- > - **Decision table** — for criteria with multiple conditions, enumerate
162
- > combinations
163
- > - **State transition** for state changes, test valid transitions and
164
- > verify invalid ones are rejected
166
+ > 3. **Apply test-design techniques selectively** to high-value contracts not
167
+ > already covered. Use only the techniques justified by actual risk:
168
+ > - **Equivalence partitioning** — choose representative partitions where
169
+ > distinctions matter
170
+ > - **Boundary value analysis** — sample consequential range boundaries
171
+ > - **Decision table** — cover combinations with materially different outcomes
172
+ > - **State transition** — cover important valid transitions and invalid ones
173
+ > the contract promises to reject
165
174
  > - **Error guessing (spec-driven)** — anything described as "should
166
175
  > not", "must not", "invalid", "error", "reject"
167
176
  >
168
- > 4. **Adversarial coverage** — for each bound item, surface failure
169
- > expectations along these axes. If the item body or design doesn't
170
- > state the answer, the gap itself is a finding (`stage: drafting`,
171
- > `tags: [testing]`):
177
+ > 4. **Risk review** — for each bound item, consider failure expectations along
178
+ > these axes only where the project's scope and consequences make them
179
+ > meaningful. Silence in the spec is not automatically a testing finding:
172
180
  > 1. Invalid input — when a caller passes invalid data, what should
173
181
  > happen? (Reject? Fall back? Log and continue?)
174
182
  > 2. Missing config — when required configuration is absent, what's the
@@ -182,9 +190,8 @@ test-design techniques to find gaps, and returns structured findings.
182
190
  > 6. Interrupted operations — if a multi-step operation is interrupted,
183
191
  > what's the expected end state?
184
192
  >
185
- > Where the spec is silent, produce either: (a) a `[testing]` story to
186
- > write the test once the spec is settled, or (b) a `[documentation]`
187
- > story to extend the spec with the missing assertion target.
193
+ > Where the spec is silent, emit a finding only when the missing contract is
194
+ > consequential for this project. Otherwise record that no test is warranted.
188
195
  >
189
196
  > 5. **Map e2e seams.** For items with `depends_on` chains, check whether
190
197
  > the seam between them is tested:
@@ -197,16 +204,17 @@ test-design techniques to find gaps, and returns structured findings.
197
204
  > feature's overall acceptance criteria are e2e-covered, not just
198
205
  > per-story unit-covered.
199
206
  >
200
- > 6. **Classify gaps**:
207
+ > 6. **Classify findings**:
201
208
  > | Priority | Definition |
202
209
  > |---|---|
203
- > | Critical | Acceptance criterion with no test |
204
- > | High | Boundary or error case from spec, no test |
205
- > | Medium | Valid partition or rule combination, no test |
206
- > | Low | Complementary coverage |
210
+ > | Critical | High-consequence public contract or known regression lacks protection |
211
+ > | High | Important interface, seam, or complex behavior lacks useful coverage |
212
+ > | Medium | Material confidence gain, but not release-critical |
213
+ > | Low | Ambient improvement or low-value test removal proposal |
207
214
  >
208
- > Also flag tautological tests found during step 2 they need rework or
209
- > deletion.
215
+ > No finding is created merely because a line, branch, unit, edge, or
216
+ > acceptance statement lacks its own test. Also classify relevance as
217
+ > `Release-relevant` or `Ambient`, and flag low-value tests for deletion.
210
218
  >
211
219
  > **Output format** — return a single markdown document with:
212
220
  >
@@ -216,10 +224,12 @@ test-design techniques to find gaps, and returns structured findings.
216
224
  > ### Finding 1
217
225
  > - **Title**: <one-line: spec condition not covered>
218
226
  > - **Priority**: Critical | High | Medium | Low
219
- > - **Bound item**: `<item-id>`
220
- > - **Acceptance criterion**: <quote the criterion>
221
- > - **Gap type**: missing test for valid partition / boundary / error case /
222
- > adversarial-spec-silent / e2e-seam / tautological-rework
227
+ > - **Bound item**: `<item-id>` | none
228
+ > - **Relevance**: Release-relevant | Ambient
229
+ > - **Value protected**: public interface | seam | complex unit | bug regression | test removal
230
+ > - **Contract / risk / regression evidence**: <quote or concrete evidence>
231
+ > - **Gap type**: important-interface / complex-unit / bug-regression /
232
+ > e2e-seam / low-value-test-removal
223
233
  > - **Suggested test**:
224
234
  > ```<lang>
225
235
  > // Sketch of the test — name, scenario, assertion target.
@@ -241,14 +251,14 @@ test-design techniques to find gaps, and returns structured findings.
241
251
  > ```
242
252
  >
243
253
  > **Rules**:
244
- > - Derive tests from specs, NOT from implementation code. If you find
245
- > yourself reading a function body to decide what to verify, stop — go
246
- > back to the spec.
247
- > - Test the public interface, not internal implementation.
248
- > - Cite spec references in every finding. A finding without a spec
249
- > reference is testing an assumption, not a contract.
250
- > - Prioritize invalid input, error cases, boundary conditions.
251
- > - Audit only the bundle's items, not the whole repo.
254
+ > - Derive assertion targets from contracts, risk, and bug history—not
255
+ > implementation steps. Implementation may establish complexity or coupling.
256
+ > - Prefer public interfaces and meaningful seams over internal implementation.
257
+ > - Cite a contract, demonstrated risk, bug regression, or concrete maintenance
258
+ > cost for every finding. No evidence means no test work.
259
+ > - Do not chase universal edge, branch, line, or surface coverage.
260
+ > - Bound items are the focus, not a hard boundary. Follow concrete evidence and
261
+ > record why out-of-bundle test systems were inspected.
252
262
  > - Skip already-tracked.
253
263
  >
254
264
  > **Test integrity findings** (additional pass — flag and surface as
@@ -259,8 +269,9 @@ test-design techniques to find gaps, and returns structured findings.
259
269
  > assertions.
260
270
  > - Tests that were silenced rather than diagnosed: broad `skip` /
261
271
  > `xfail` / `it.todo` with no linked backlog id or written reason.
262
- > - Tests deleted in the bundle's commits with no replacement coverage
263
- > for the same acceptance criterion. (Check `git log` of the bundle.)
272
+ > - Tests deleted in the bundle's commits when the removal leaves an important
273
+ > interface, complex behavior, or known regression without useful protection.
274
+ > (Check `git log` of the bundle.)
264
275
  > - Tests whose assertion was rewritten to match new-but-undocumented
265
276
  > behavior — i.e. the test was made to follow the code instead of the
266
277
  > code being made to follow the spec.
@@ -289,7 +300,7 @@ stage: implementing # critical/high
289
300
  tags: [testing]
290
301
  parent: null
291
302
  depends_on: []
292
- release_binding: <version>
303
+ release_binding: <version> | null # null for ambient findings
293
304
  gate_origin: tests
294
305
  created: YYYY-MM-DD
295
306
  updated: YYYY-MM-DD
@@ -300,9 +311,9 @@ updated: YYYY-MM-DD
300
311
  ## Priority
301
312
  Critical | High | Medium | Low
302
313
 
303
- ## Spec reference
304
- Item: `<bound-item-id>`
305
- Acceptance criterion: <quote the criterion>
314
+ ## Value evidence
315
+ Item: `<bound-item-id>` (or `none` for ambient findings)
316
+ Contract / risk / regression / maintenance cost: <concrete evidence>
306
317
 
307
318
  ## Gap type
308
319
  <missing test for valid partition / boundary / error case / etc.>
@@ -316,6 +327,10 @@ Acceptance criterion: <quote the criterion>
316
327
  `<test-file-path>` (following project conventions)
317
328
  ```
318
329
 
330
+ Release-relevant findings use the normal priority mapping and bind to the
331
+ release. Ambient findings—including repository-wide low-value test systems
332
+ merely discovered by the scan—go to the unbound backlog regardless of priority.
333
+
319
334
  Default priority -> placement mapping:
320
335
  - **Critical** / **High** → `stage: implementing` in `.work/active/stories/`
321
336
  - **Medium** → `stage: drafting` in `.work/active/stories/`
@@ -327,8 +342,8 @@ Tautological tests get items too:
327
342
  # id: gate-tests-rework-<original-test-slug>
328
343
  # kind: story
329
344
  # tags: [testing, refactor]
330
- # Body describes which test is tautological and what spec behavior it should be
331
- # rewritten to verify (or marked for deletion).
345
+ # Body describes why the test adds too little confidence for its upkeep and
346
+ # whether it should be rewritten around a valuable contract or deleted.
332
347
  ```
333
348
 
334
349
  ### Phase 5: Commit
@@ -343,7 +358,8 @@ git commit -m "gate-tests: <N> coverage gaps for <version>"
343
358
  In conversation:
344
359
  - **Bundle**: `<version>` — `<N>` items audited
345
360
  - **Coverage gaps**: count by priority
346
- - **Tautological tests flagged**: count
361
+ - **Low-value tests flagged for removal**: count
362
+ - **Ambient findings**: count routed to unbound backlog
347
363
  - **Items created**: count, with new ids
348
364
  - **Already-tracked**: count of duplicates skipped
349
365
 
@@ -352,12 +368,11 @@ In conversation:
352
368
  - **The analysis happens in the scanner agent, not here.** Your job is bundle
353
369
  prep, dispatch, and item-writing. Don't replicate the scanner's contract
354
370
  extraction or coverage mapping.
355
- - The scanner brief enforces "specs not implementations". Don't substitute
356
- your own judgment for findings.
357
- - Cite spec references in every item body. The scanner provides them.
358
- - Prioritize invalid input, error cases, boundary conditions — that's where
359
- bugs hide and specs are most often undertested.
360
- - Audit only the bundle's items, not the whole repo.
371
+ - The scanner brief enforces contract/risk/regression value over implementation
372
+ shape or coverage metrics. Don't substitute line-coverage pressure.
373
+ - Cite the contract, risk, regression, or maintenance cost in every item body.
374
+ - Release-bound items define focus, not a hard boundary. Follow concrete
375
+ evidence, but route ambient discoveries to the unbound backlog.
361
376
  - A failing test that exposes a real spec violation is the most valuable
362
377
  output. Don't sand it down — surface it as a Critical finding so the
363
378
  implementation gets fixed before shipping.
@@ -169,7 +169,8 @@ In land mode:
169
169
  as-built reality (paths, interfaces, signatures).
170
170
  2. Validate — typecheck, lint, tests scoped to touched packages
171
171
  (`pnpm --filter`, `cargo -p`, `pytest <path>`).
172
- 3. Fill test gaps for any meaningful behavior that lacks coverage.
172
+ 3. Fill high-value test gaps at stable interfaces, for complex logic, or for
173
+ demonstrated regressions; remove obsolete or low-value tests exposed by the work.
173
174
  4. Skip Phase 6 (no new code) and go straight to Phase 7 (notes — log
174
175
  "Land mode" explicitly), Phase 8 (verify), Phase 9 (commit + advance).
175
176
 
@@ -196,13 +197,19 @@ For code items:
196
197
  For each unit/file in the item's design:
197
198
  1. Write the code following the design's specifications — exact types, signatures,
198
199
  contracts
199
- 2. Apply established patterns from the codebase
200
- 3. Handle every error path the design specifies
201
- 4. Write tests that verify behavior, not implementation
200
+ 2. Apply established patterns from the codebase without adding speculative layers
201
+ 3. Handle the error paths and guarantees the design actually requires
202
+ 4. Write tests only where they protect an important interface, complex unit, or
203
+ demonstrated regression; remove low-value tests the change makes obsolete
202
204
  5. Update module exports (index files) so new code integrates cleanly
205
+ 6. Run an elimination pass over the touched area: delete, inline, or consolidate
206
+ code, checks, abstractions, compatibility paths, and test machinery made
207
+ unnecessary by the implementation
203
208
 
204
- Take pride in the details: clean variable names, idiomatic control flow, meaningful
205
- error messages. Code that a future developer would read with appreciation.
209
+ Safe behavior-preserving cleanup that is cohesive with the touched code is part
210
+ of the task. Park larger or unrelated cleanup, and stop for a design decision
211
+ before weakening behavior, guarantees, validation, compatibility, or safety.
212
+ Prefer short, direct, readable code over a generalized framework.
206
213
 
207
214
  ### Phase 7: Update item body with implementation notes
208
215
 
@@ -213,7 +220,8 @@ Append (or update) an "Implementation notes" section in the item's body:
213
220
  - Execution capability: <choice and brief risk/scope rationale>
214
221
  - Review weight: <effective value and source: caller, project, or default>
215
222
  - Files changed: <list>
216
- - Tests added: <list>
223
+ - Tests added/removed: <list and the interface, complexity, or regression value>
224
+ - Simplification: <code, checks, abstractions, or compatibility paths removed/consolidated>
217
225
  - Discrepancies from design: <list with one-line explanation each, or "none">
218
226
  - Adjacent issues parked: <list of backlog ids if any, or "none">
219
227
  ```
@@ -294,6 +302,8 @@ In conversation:
294
302
  - If you discover a genuine design flaw, don't muscle through. Append a
295
303
  `## Implementation discovery` section, set stage back to `drafting`, and
296
304
  return. The design family will pick it up on the next pass.
297
- - Adjacent issues you notice get parked via `/agile-workflow:park`, not bundled.
305
+ - Safe, cohesive simplification in the touched area belongs in the task. Park
306
+ larger, unrelated, or behavior-changing opportunities instead of silently
307
+ expanding scope.
298
308
  - Test integrity is non-negotiable: follow the project rules and worker posture;
299
309
  fix bad tests, park real production bugs, and never game tests.
@@ -1,8 +1,9 @@
1
1
  ---
2
2
  name: principles
3
3
  description: >
4
- agile-workflow principles — code-design (Ports & Adapters, Single Source of Truth, Generated
5
- Contracts, Fail Fast) and substrate-execution (Item-IS-the-Work, Rolling-Foundation, Late-Binding).
4
+ agile-workflow principles — code-design (clear boundaries, proportional rigor, code economy,
5
+ useful tests, and continuous simplification) and substrate-execution (Item-IS-the-Work,
6
+ Rolling-Foundation, Late-Binding).
6
7
  Auto-loads when designing modules, defining interfaces, writing or implementing code, scoping work
7
8
  in the substrate, advancing stages, scoping releases, or any time the agile-workflow
8
9
  design/implement/review skills are active.
@@ -23,7 +24,7 @@ Each principle has guidance for design time and implementation time.
23
24
 
24
25
  # Part I — Code-Design Principles
25
26
 
26
- These four invariants stay active during design and implementation. Load
27
+ These principles stay active during design and implementation. Load
27
28
  [references/code-design.md](references/code-design.md) when concrete mechanics,
28
29
  checklists, or examples are needed.
29
30
 
@@ -44,11 +45,35 @@ Boundary types derive from the schema, router, database model, or a generation
44
45
  step. Consumers import or infer that contract instead of maintaining hand-written
45
46
  copies.
46
47
 
47
- ## 4. Fail Fast
48
+ ## 4. Fail Fast—Where It Matters
48
49
 
49
- Validate unknown input at system boundaries and assert internal preconditions at
50
- function entry. Reject invalid state early with specific errors instead of
51
- letting it fail deep in the call chain.
50
+ Validate untrusted input and required external contracts at system boundaries.
51
+ Add internal checks only when the project's actual risks justify them. Do not
52
+ manufacture exhaustive invariants, edge handling, determinism, or defensive
53
+ layers that the product's scope and consequences do not need.
54
+
55
+ ## 5. Code Economy
56
+
57
+ Short, direct code is a virtue when it stays clear. Prefer fewer concepts,
58
+ layers, branches, options, and lines over speculative generality. Match rigor to
59
+ the project's context rather than engineering every codebase as critical
60
+ infrastructure.
61
+
62
+ ## 6. Tests Earn Their Keep
63
+
64
+ Test stable interfaces, important behavior, and regressions learned from real
65
+ bugs. Unit-test genuinely complex units, not every wrapper, branch, or line.
66
+ Tests are maintained code: remove duplicate, tautological, implementation-bound,
67
+ or otherwise low-value tests when their upkeep exceeds the confidence they add.
68
+
69
+ ## 7. Leave It Simpler
70
+
71
+ Exploration, design, and implementation include an elimination pass. In the
72
+ area being touched, look for code, tests, checks, abstractions, compatibility
73
+ paths, and complexity that the feature can make unnecessary. Fold safe,
74
+ cohesive cleanup into the work or create explicit cleanup/refactor stories;
75
+ park broader opportunities. Question whole systems when warranted, but ask the
76
+ user before removing behavior, guarantees, validation, compatibility, or safety.
52
77
 
53
78
  ---
54
79
 
@@ -60,7 +85,7 @@ dispatch. The agent applies these whenever operating on `.work/` or `docs/`,
60
85
  and whenever choosing discovery or implementation dispatch during substrate
61
86
  work.
62
87
 
63
- ## 5. Item-IS-the-Work
88
+ ## 8. Item-IS-the-Work
64
89
 
65
90
  The unit of work is its file. The brief, the design, the implementation notes, and the review findings all accumulate in the item's body as stages advance. Reading the file IS reading the state of the work.
66
91
 
@@ -100,7 +125,7 @@ The unit of work is its file. The brief, the design, the implementation notes, a
100
125
 
101
126
  ---
102
127
 
103
- ## 6. Rolling-Foundation
128
+ ## 9. Rolling-Foundation
104
129
 
105
130
  Foundation docs (`docs/VISION.md`, `docs/SPEC.md`, `docs/ARCHITECTURE.md`, and any others) describe the project's vision (future-looking) and current intent — what is true now, OR what will be true once in-flight design lands. They roll forward in place as either evolves. No legacy comments. Git carries history; the doc carries truth.
106
131
 
@@ -152,7 +177,7 @@ The discipline is identical in both styles: replace stale assertions in place, n
152
177
 
153
178
  ---
154
179
 
155
- ## 7. Late-Binding
180
+ ## 10. Late-Binding
156
181
 
157
182
  Items advance stages when work actually completes. Releases bind items only when the user cuts a version. Foundation docs are not pre-decided into a phase plan. Work happens, then commitments crystallize — not the other way around.
158
183
 
@@ -192,7 +217,7 @@ Items advance stages when work actually completes. Releases bind items only when
192
217
 
193
218
  ---
194
219
 
195
- ## 8. Agent Dispatch Economy
220
+ ## 11. Agent Dispatch Economy
196
221
 
197
222
  Sub-agents are for breadth, isolation, independent judgment, or parallel
198
223
  implementation with clear write ownership. They are not a replacement for
@@ -363,12 +388,36 @@ for their owning stories.
363
388
  reason. A slow top-tier reviewer is not a failure until its appropriately
364
389
  sized timeout or mechanism reports failure.
365
390
  - **Strict completion:** final autopilot completion must clear a successful
366
- review path and resolve or file accepted findings. At weights `light` through
391
+ review path and adjudicate every proposed finding. At weights `light` through
367
392
  `maximum`, that path must use a supported fresh-context reviewer; if it fails,
368
393
  the run is blocked rather than complete. At explicit weight `none`, documented
369
394
  implementation verification and acceptance evidence satisfy the path without
370
395
  independent review.
371
396
 
397
+ ## Recipient-owned finding disposition
398
+
399
+ Reviewer output is evidence, not authority. The receiving agent orchestrating the
400
+ run independently verifies each claim and assigns its disposition against the
401
+ repository's actual context: acceptance criteria, supported users and deployment
402
+ shape, likelihood, blast radius, recoverability, existing safeguards, and the
403
+ cost of delaying the current work. A reviewer's `blocker` label never binds the
404
+ receiver by itself, and disagreement is resolved by evidence rather than
405
+ seniority or model strength.
406
+
407
+ A finding blocks the current cycle only when the receiver judges it a credible,
408
+ material risk to required correctness, security, data integrity, public
409
+ contracts, acceptance criteria, release safety, or trustworthy verification.
410
+ Fix those findings now or keep an active item that prevents completion. Park a
411
+ valid concern below that bar in the unbound backlog with its risk rationale and
412
+ continue; leave nits in review notes, and reject unsupported findings with a
413
+ brief reason. Rarity alone does not make a case irrelevant, but a corner case's
414
+ likelihood and consequence must justify its delivery cost. Repetition across
415
+ review passes does not elevate severity by itself.
416
+
417
+ A successful review path therefore means independent scrutiny ran when required
418
+ and the receiving agent adjudicated the results. It does not mean every reviewer
419
+ suggestion was implemented or promoted into the active queue.
420
+
372
421
  User instructions and project-level review/egress rules override defaults. Do
373
422
  not invoke an external peer mechanism when policy prohibits it. `--only-questions`
374
423
  is user alignment and therefore skips advisory review.
@@ -398,12 +447,17 @@ family (`gate-cruft`, `gate-security`, `gate-tests`, `gate-docs`,
398
447
 
399
448
  | Arg | Behavior |
400
449
  |---|---|
401
- | no arg / `--all` | Sweep the relevant scope (whole codebase, or release bundle for gates) |
450
+ | no arg / `--all` | Sweep the relevant scope; release-bound items are a gate's focus, not a hard scan boundary |
402
451
  | `<path>` | Scope to that subtree |
403
452
  | `<NL scope>` | Interpret free text against the codebase; log the interpretation |
404
453
  | `<feature-id>` (where applicable) | Per-feature design mode (refactor-design, perf-design) |
405
454
 
406
455
  These skills *emit substrate items as findings* rather than gating pass/fail.
456
+ For release gates, follow relevant evidence into adjacent dependencies, shared
457
+ infrastructure, or system-wide mechanisms. Bind findings to the release only
458
+ when they are caused by, exposed by, or materially relevant to it; route merely
459
+ ambient discoveries to unbound backlog proposals so a gate does not silently
460
+ expand release scope.
407
461
 
408
462
  ## Per-item design verbs
409
463
 
@@ -44,6 +44,12 @@ Always run completeness before attack:
44
44
  attack pass; completed artifacts may use the same bounded convergence shape.
45
45
  Verify concrete claims before accepting them.
46
46
 
47
+ The receiving/orchestrating agent owns the verdict on every returned finding.
48
+ Apply Part IV's material-risk threshold in repository context; do not inherit a
49
+ reviewer's severity label. Fix or activate only current-cycle blockers, park
50
+ valid lower-priority concerns in the unbound backlog, and reject unsupported
51
+ claims with a reason.
52
+
47
53
  For deep or complex work, use a different model class for Phase 2 than Phase 1
48
54
  when two classes are available. Their disagreement is evidence to investigate,
49
55
  not a vote. For routine design, do not turn a focused advisory pass into a
@@ -58,7 +64,8 @@ Summarize evidence and decisions in the item body; never paste transcripts:
58
64
  - Invoked because: <risk or uncertainty>
59
65
  - Phase 1 — advisory/completeness: <reviewer class and useful gaps>
60
66
  - Phase 2 — adversarial: <reviewer class and failure modes>
61
- - Accepted: <adjustments with phase>
67
+ - Fixed/active blockers: <material current-cycle risks and disposition>
68
+ - Parked: <valid lower-priority concerns and risk rationale>
62
69
  - Rejected: <points and reasons with phase>
63
70
  - Skipped/degraded: <phase and reason, if any>
64
71
  ```
@@ -9,7 +9,10 @@ concrete boundary guidance, checklists, or examples.
9
9
  1. [Ports & Adapters](#1-ports--adapters)
10
10
  2. [Single Source of Truth](#2-single-source-of-truth)
11
11
  3. [Generated Contracts](#3-generated-contracts)
12
- 4. [Fail Fast](#4-fail-fast)
12
+ 4. [Fail Fast—Where It Matters](#4-fail-fastwhere-it-matters)
13
+ 5. [Code Economy](#5-code-economy)
14
+ 6. [Tests Earn Their Keep](#6-tests-earn-their-keep)
15
+ 7. [Leave It Simpler](#7-leave-it-simpler)
13
16
 
14
17
  ## 1. Ports & Adapters
15
18
 
@@ -84,11 +87,13 @@ Checklist:
84
87
  - Generation or inference is part of the build path.
85
88
  - No hand-written type mirrors a schema, router, or database definition.
86
89
 
87
- ## 4. Fail Fast
90
+ ## 4. Fail Fast—Where It Matters
88
91
 
89
- Validate unknown input at system boundaries before domain logic runs. Assert
90
- internal preconditions at function entry with specific guard errors and early
91
- returns; do not propagate invalid state into deeper call chains.
92
+ Validate untrusted input and required external contracts at system boundaries
93
+ before domain logic runs. Add internal guards when a violated precondition is
94
+ plausible and consequential; do not turn every helper into a defensive boundary.
95
+ The project decides how much invariant enforcement, edge handling, and
96
+ determinism it actually needs.
92
97
 
93
98
  ```typescript
94
99
  function processOrder(input: unknown) {
@@ -105,3 +110,55 @@ function applyDiscount(order: Order, pct: number) {
105
110
  Boundary examples include HTTP handlers, CLI arguments, external API responses,
106
111
  and configuration files. Internal checks should report the violated
107
112
  precondition and received value whenever that is safe.
113
+
114
+ Checklist:
115
+ - Validate real trust boundaries and explicit contracts.
116
+ - Match defensive rigor to failure consequences and project scope.
117
+ - Do not add checks, retries, invariants, or determinism only because a more
118
+ general system might need them.
119
+
120
+ ## 5. Code Economy
121
+
122
+ Prefer the shortest clear expression of the project's actual requirements.
123
+ Every abstraction, option, layer, fallback, and branch creates maintenance cost;
124
+ it must earn that cost in current scope rather than a hypothetical future.
125
+ Terse does not mean cryptic: optimize for fewer concepts, then fewer lines.
126
+
127
+ Checklist:
128
+ - Choose the direct solution before a configurable framework.
129
+ - Avoid extension points without a current second use or committed need.
130
+ - Delete incidental machinery made obsolete by the change.
131
+
132
+ ## 6. Tests Earn Their Keep
133
+
134
+ Automated tests are maintained code. Prioritize stable public interfaces,
135
+ important cross-component seams, high-consequence behavior, and regression tests
136
+ for real bugs. Unit tests belong around genuinely complex logic where isolated
137
+ examples add confidence; simple wrappers and implementation details usually do
138
+ not need their own tests.
139
+
140
+ Checklist:
141
+ - Name the interface, risk, or regression each test protects.
142
+ - Prefer a useful interface test over several implementation-bound unit tests.
143
+ - Do not chase line coverage or enumerate every possible surface by default.
144
+ - Remove duplicate, tautological, brittle, or low-value tests when they no
145
+ longer justify upkeep.
146
+
147
+ ## 7. Leave It Simpler
148
+
149
+ Treat elimination as part of feature work, not a separate activity reserved for
150
+ refactors. During exploration and design, identify code, tests, checks,
151
+ abstractions, compatibility paths, and configuration that the proposed feature
152
+ can make unnecessary. During implementation, perform safe cohesive cleanup in
153
+ the touched area and create explicit cleanup/refactor stories for larger work.
154
+
155
+ Question whole systems as well as local fragments. Removing behavior,
156
+ guarantees, validation, determinism, compatibility, or safety is a product
157
+ choice: explain the trade-off and ask the user rather than silently weakening
158
+ it.
159
+
160
+ Checklist:
161
+ - Record what the feature can delete or consolidate.
162
+ - Prefer deletion and inlining before extraction or another abstraction.
163
+ - Leave touched code simpler unless doing so would blur scope or alter behavior.
164
+ - Park broader opportunities; ask before reducing meaningful guarantees.