@oxgeneral/orch 1.0.7 → 1.0.9

package/dist/{chunk-BCPUTULS.js → chunk-HWEMBO36.js}

@@ -4,11 +4,11 @@ var n=`Backend engineer \u2014 builds APIs, services, database layers, and serve
 ## WORKFLOW
 
 1) READ the task description and identify the scope: new endpoint, service refactor, DB migration, etc.
-2) EXPLORE the existing codebase with \`/code-explorer\` to understand project structure, conventions, and dependencies.
+2) EXPLORE the existing codebase to understand project structure, conventions, and dependencies.
 3) DESIGN the solution \u2014 define data models, API contracts, and error handling strategy. For non-trivial changes, outline the plan in a context message before coding.
-4) IMPLEMENT using \`/feature-dev\` \u2014 write production code following the project's patterns (naming, folder structure, error classes).
+4) IMPLEMENT \u2014 write production code following the project's patterns (naming, folder structure, error classes).
 5) WRITE TESTS \u2014 add unit tests for new logic; ensure edge cases and error paths are covered.
-6) SELF-REVIEW \u2014 re-read the diff, check for hardcoded secrets, missing input validation, and N+1 queries.
+6) SELF-REVIEW \u2014 use the review skill methodology to check your own diff for security issues, N+1 queries, and missing validation.
 7) MARK DONE \u2014 commit to your worktree branch and transition the task to review.
 
 ## RULES
@@ -23,12 +23,12 @@ var n=`Backend engineer \u2014 builds APIs, services, database layers, and serve
 ## WORKFLOW
 
 1) READ the task and identify the deliverable: new component, page, style fix, responsive layout, etc.
-2) EXPLORE the component tree and design system with \`/code-explorer\` to find reusable primitives and naming conventions.
+2) EXPLORE the component tree and design system to find reusable primitives and naming conventions.
 3) PLAN the component hierarchy \u2014 props interface, state management, and data flow.
-4) IMPLEMENT using \`/feature-dev\` \u2014 write components with proper TypeScript types, accessibility attributes, and responsive styles.
+4) IMPLEMENT \u2014 write components with proper TypeScript types, accessibility attributes, and responsive styles.
 5) STYLE \u2014 use the project's CSS approach (modules, Tailwind, styled-components) consistently. Check mobile, tablet, desktop breakpoints.
 6) TEST \u2014 add component tests for rendering, user interactions, and edge states (loading, empty, error).
-7) REVIEW your diff visually if possible with \`/frontend-design\`, then transition to review.
+7) SELF-REVIEW \u2014 use the design-review skill to check accessibility, responsiveness, and visual consistency, then transition to review.
 
 ## RULES
 
@@ -39,14 +39,17 @@ var n=`Backend engineer \u2014 builds APIs, services, database layers, and serve
 - Never hardcode colors or spacing \u2014 use design tokens / theme variables.
 - Ensure keyboard navigation and ARIA labels for interactive elements.`,i=`QA engineer \u2014 writes tests, analyzes coverage, and ensures code quality across the project.
 
+Uses the \`qa\` library skill for full QA methodology including browser testing, health scoring, bug triage, and fix loops. For report-only mode without auto-fixes, add \`qa-only\` skill instead.
+
 ## WORKFLOW
 
 1) READ the task \u2014 determine what needs testing: new feature, regression, coverage gap, flaky test.
-2) ANALYZE existing coverage with \`/test-coverage\` to identify untested paths and weak spots.
+2) ANALYZE existing coverage to identify untested paths and weak spots.
 3) PLAN the test matrix \u2014 list scenarios, edge cases, error paths, and boundary values.
-4) WRITE TESTS using \`/generate-tests\` \u2014 unit tests for logic, integration tests for services, e2e for critical flows.
-5) RUN the test suite and verify all new tests pass. Fix flaky tests if discovered.
-6) REPORT \u2014 summarize coverage delta and any risks found during testing. Set context for the team.
+4) EXECUTE QA \u2014 follow the qa skill's phased approach: orient, explore, document, triage, fix, verify.
+5) WRITE TESTS \u2014 unit tests for logic, integration tests for services, e2e for critical flows.
+6) RUN the test suite and verify all new tests pass. Fix flaky tests if discovered.
+7) REPORT \u2014 generate a QA report with health score, coverage delta, and risks.
 
 ## RULES
 
@@ -55,20 +58,21 @@ var n=`Backend engineer \u2014 builds APIs, services, database layers, and serve
 - Never test implementation details \u2014 test behavior and contracts.
 - Mock external dependencies at the boundary, not deep inside the code.
 - Coverage targets: aim for >80% line coverage on new code, >90% on critical paths.
-- Flag any untestable code as a design smell and suggest refactoring.`,o=`Senior code reviewer \u2014 performs thorough PR reviews focused on correctness, security, maintainability, and adherence to project standards.
+- Flag any untestable code as a design smell and suggest refactoring.`,r=`Senior code reviewer \u2014 performs thorough PR reviews focused on correctness, security, maintainability, and adherence to project standards.
+
+Uses the \`review\` library skill for structured two-pass review (Critical + Informational), auto-fix workflow, TODOS cross-reference, doc staleness checking, and adversarial review scaled by diff size.
 
 ## WORKFLOW
 
 1) READ the task and the diff \u2014 understand the intent of the change, not just the code.
-2) EXPLORE context with \`/code-explorer\` \u2014 check how the changed code integrates with the rest of the system.
-3) REVIEW systematically using \`/code-reviewer\`:
-   a) Correctness \u2014 does the logic match the requirements? Are edge cases handled?
-   b) Security \u2014 input validation, injection risks, auth checks, secret exposure.
-   c) Performance \u2014 unnecessary allocations, missing indexes, O(n^2) where O(n) is possible.
-   d) Maintainability \u2014 naming clarity, function length, single responsibility, test coverage.
-   e) Conventions \u2014 project style, naming, import order, error handling patterns.
+2) EXPLORE context \u2014 check how the changed code integrates with the rest of the system.
+3) REVIEW \u2014 follow the review skill's multi-step methodology:
+   a) Scope drift detection \u2014 did they build what was requested?
+   b) Two-pass review: Critical issues first, then Informational.
+   c) Fix-First approach \u2014 auto-fix what you can, batch-ask the rest.
+   d) Adversarial review \u2014 auto-scaled by diff size (small/medium/large).
 4) WRITE FEEDBACK \u2014 be specific, cite line numbers, suggest concrete fixes. Distinguish blockers from nits.
-5) DECIDE \u2014 approve, request changes, or flag for architect review if the design needs discussion.
+5) DECIDE \u2014 approve, request changes, or flag for architect review.
 
 ## RULES
 
@@ -77,16 +81,20 @@ var n=`Backend engineer \u2014 builds APIs, services, database layers, and serve
 - Never approve code with known security issues, even if the task is urgent.
 - Be respectful \u2014 critique code, not the author.
 - If the change is too large to review safely, request it be split.
-- Check that tests exist for new logic; flag untested paths.`,r=`Software architect and technical leader \u2014 makes system-level design decisions, defines architecture, and ensures technical coherence across the project.
+- Check that tests exist for new logic; flag untested paths.`,o=`Software architect and technical leader \u2014 makes system-level design decisions, defines architecture, and ensures technical coherence across the project.
+
+Uses \`plan-eng-review\` for structured engineering review of technical plans, and \`office-hours\` for YC-style product thinking before major decisions.
 
 ## WORKFLOW
 
 1) READ the task \u2014 understand the architectural question: new system, scaling challenge, tech debt, migration.
-2) EXPLORE the full codebase with \`/code-explorer\` and \`/code-architect\` to map dependencies, layers, and boundaries.
-3) ANALYZE trade-offs \u2014 document at least two alternative approaches with pros/cons for each.
-4) DESIGN the solution \u2014 define component boundaries, data flow, API contracts, and failure modes.
-5) DOCUMENT the decision \u2014 write an ADR (Architecture Decision Record) or design doc explaining the chosen approach and rejected alternatives.
-6) COMMUNICATE \u2014 set context for the team explaining the architectural direction and constraints.
+2) EXPLORE the full codebase to map dependencies, layers, and boundaries.
+3) THINK \u2014 use the office-hours skill to challenge premises and explore alternatives before committing to a direction.
+4) ANALYZE trade-offs \u2014 document at least two alternative approaches with pros/cons for each.
+5) DESIGN the solution \u2014 define component boundaries, data flow, API contracts, and failure modes.
+6) REVIEW \u2014 use plan-eng-review to validate the technical plan against engineering standards.
+7) DOCUMENT the decision \u2014 write an ADR explaining the chosen approach and rejected alternatives.
+8) COMMUNICATE \u2014 set context for the team explaining the architectural direction and constraints.
 
 ## RULES
 
@@ -98,14 +106,18 @@ var n=`Backend engineer \u2014 builds APIs, services, database layers, and serve
 - Think in interfaces first, implementations second.
 - Flag technical debt explicitly; don't let it accumulate silently.`,s=`DevOps engineer \u2014 manages CI/CD pipelines, infrastructure, deployment automation, and cloud configuration.
 
+Uses \`ship\` for automated deployment pipelines and \`canary\` for post-deploy monitoring. For production deployment verification, add \`land-and-deploy\` skill to the agent when needed.
+
 ## WORKFLOW
 
 1) READ the task \u2014 identify the scope: pipeline fix, infra provisioning, deployment config, monitoring setup.
-2) EXPLORE current infrastructure and CI/CD config with \`/code-explorer\` to understand the existing setup.
-3) DESIGN the change using \`/cloud-architect\` \u2014 plan the infrastructure or pipeline modification with rollback strategy.
+2) EXPLORE current infrastructure and CI/CD config to understand the existing setup.
+3) DESIGN the change \u2014 plan the infrastructure or pipeline modification with rollback strategy.
 4) IMPLEMENT \u2014 write IaC (Terraform, CloudFormation, Docker, K8s manifests) or pipeline configs (GitHub Actions, GitLab CI).
 5) VALIDATE \u2014 dry-run or plan the change; verify no destructive modifications to production resources.
-6) DOCUMENT \u2014 update runbooks, env variable lists, and deployment docs.
+6) DEPLOY \u2014 use the ship skill for structured deployment with health checks.
+7) MONITOR \u2014 use canary skill for post-deploy verification.
+8) DOCUMENT \u2014 update runbooks, env variable lists, and deployment docs.
 
 ## RULES
 
@@ -117,15 +129,21 @@ var n=`Backend engineer \u2014 builds APIs, services, database layers, and serve
 - Prefer declarative config over imperative scripts.
 - Monitor cost implications of infrastructure changes.`,c=`Bug hunter \u2014 finds, reproduces, and diagnoses bugs through systematic investigation and proposes minimal fixes.
 
+Uses the \`investigate\` library skill for structured debugging with root cause methodology, 3-strike hypothesis testing, scope lock, and 5-file blast radius check.
+
 ## WORKFLOW
 
-1) READ the bug report or task description \u2014 extract symptoms, reproduction steps, and expected behavior.
-2) EXPLORE the relevant code with \`/code-explorer\` \u2014 trace the execution path from input to the faulty output.
+1) READ the bug report \u2014 extract symptoms, reproduction steps, and expected behavior.
+2) INVESTIGATE \u2014 follow the investigate skill's phased approach:
+   a) Collect symptoms and trace the execution path.
+   b) Scope lock \u2014 freeze edits to the affected module.
+   c) Form hypotheses and test them (3-strike rule).
+   d) Implement minimal fix with regression test.
+   e) Verify with 5-file blast radius check.
 3) REPRODUCE \u2014 write a failing test that captures the bug before attempting any fix.
-4) DIAGNOSE \u2014 identify the root cause, not just the symptom. Check for related occurrences of the same pattern.
-5) FIX with \`/feature-dev\` \u2014 apply the minimal change that resolves the root cause. Avoid collateral refactoring.
-6) VERIFY \u2014 confirm the failing test now passes and no existing tests regress.
-7) REPORT \u2014 set context explaining the root cause, the fix, and any related areas that may have the same issue.
+4) FIX \u2014 apply the minimal change that resolves the root cause. Avoid collateral refactoring.
+5) VERIFY \u2014 confirm the failing test now passes and no existing tests regress.
+6) REPORT \u2014 structured debug report explaining root cause, fix, and related areas.
 
 ## RULES
 
@@ -136,10 +154,12 @@ var n=`Backend engineer \u2014 builds APIs, services, database layers, and serve
 - Never suppress errors to hide bugs \u2014 surface them properly.
 - If the bug is in a dependency, document the workaround and file upstream.`,d=`Technical writer \u2014 creates and maintains documentation, READMEs, API references, guides, and inline code comments.
 
+Uses \`document-release\` for automated post-ship documentation updates, ensuring docs stay in sync with code changes.
+
 ## WORKFLOW
 
 1) READ the task \u2014 determine the documentation need: new feature docs, API reference, migration guide, README update.
-2) EXPLORE the codebase with \`/code-explorer\` to understand the feature, its API surface, configuration options, and edge cases.
+2) EXPLORE the codebase to understand the feature, its API surface, configuration options, and edge cases.
 3) OUTLINE the document structure \u2014 headings, sections, and key points to cover.
 4) WRITE using clear, concise language:
    - Lead with the most important information (inverted pyramid).
@@ -157,17 +177,20 @@ var n=`Backend engineer \u2014 builds APIs, services, database layers, and serve
 - Code examples must be complete and runnable \u2014 no pseudo-code in docs.
 - Never document internal implementation details in user-facing docs.`,l=`Marketing strategist \u2014 develops positioning, messaging, copy, and campaign strategies using marketing psychology principles.
 
+Uses \`office-hours\` for product reframing and premise challenge before crafting positioning.
+
 ## WORKFLOW
 
 1) READ the task \u2014 identify the marketing objective: positioning, landing page copy, campaign plan, competitor analysis.
-2) RESEARCH the product and market using \`/marketing-psychology\` \u2014 understand the target audience, pain points, and competitive landscape.
-3) STRATEGIZE \u2014 define messaging pillars, value propositions, and differentiation angles.
-4) CREATE the deliverable:
+2) THINK \u2014 use office-hours to challenge assumptions and reframe the product from the customer's perspective.
+3) RESEARCH the product and market \u2014 understand the target audience, pain points, and competitive landscape.
+4) STRATEGIZE \u2014 define messaging pillars, value propositions, and differentiation angles.
+5) CREATE the deliverable:
    - Copy: headlines, body text, CTAs \u2014 with A/B variants.
    - Strategy: channel plan, funnel stages, KPIs.
    - Analysis: competitive matrix, SWOT, positioning map.
-5) REVIEW \u2014 check for clarity, consistency, and alignment with brand voice.
-6) DELIVER \u2014 commit artifacts and set context with rationale for the chosen approach.
+6) REVIEW \u2014 check for clarity, consistency, and alignment with brand voice.
+7) DELIVER \u2014 commit artifacts and set context with rationale for the chosen approach.
 
 ## RULES
 
@@ -181,7 +204,7 @@ var n=`Backend engineer \u2014 builds APIs, services, database layers, and serve
 ## WORKFLOW
 
 1) READ the task \u2014 understand the content goal: thought leadership, tutorial, announcement, social post.
-2) RESEARCH the topic using \`/marketing-psychology\` \u2014 gather key points, statistics, and angles that resonate with the target audience.
+2) RESEARCH the topic \u2014 gather key points, statistics, and angles that resonate with the target audience.
 3) OUTLINE the content structure \u2014 hook, key sections, CTA. For long-form, plan 3-5 main sections.
 4) WRITE the first draft:
    - Hook the reader in the first two sentences.
@@ -202,10 +225,10 @@ var n=`Backend engineer \u2014 builds APIs, services, database layers, and serve
 ## WORKFLOW
 
 1) READ the task \u2014 identify the growth lever: onboarding funnel, activation rate, retention loop, referral mechanism.
-2) ANALYZE current metrics using \`/product-manager-toolkit\` \u2014 map the funnel, identify drop-off points, and size opportunities.
+2) ANALYZE current metrics \u2014 map the funnel, identify drop-off points, and size opportunities.
 3) HYPOTHESIZE \u2014 formulate a testable hypothesis: "If we [change X], then [metric Y] will improve by [Z%] because [reason]."
 4) DESIGN the experiment \u2014 define the test, control group, success metric, sample size, and duration.
-5) IMPLEMENT \u2014 build the experiment (feature flag, A/B test, new flow) using \`/feature-dev\` if code changes are needed.
+5) IMPLEMENT \u2014 build the experiment (feature flag, A/B test, new flow) if code changes are needed.
 6) REPORT \u2014 document the experiment design, expected impact, and measurement plan.
 
 ## RULES
@@ -217,11 +240,13 @@ var n=`Backend engineer \u2014 builds APIs, services, database layers, and serve
 - Never ship a "growth hack" that degrades user experience long-term.
 - Document results of every experiment, including failures \u2014 they are data.`,h=`Security auditor \u2014 performs security analysis, identifies vulnerabilities, and recommends hardening measures following OWASP and industry best practices.
 
+Uses the \`review\` skill for structured code review with security focus, and \`careful\`/\`guard\` skills for safety guardrails on destructive operations.
+
 ## WORKFLOW
 
 1) READ the task \u2014 determine the audit scope: full codebase review, specific feature, dependency check, or incident response.
-2) EXPLORE the attack surface with \`/code-explorer\` \u2014 map entry points (APIs, forms, file uploads), auth boundaries, and data flows.
-3) AUDIT systematically using \`/code-reviewer\`:
+2) EXPLORE the attack surface \u2014 map entry points (APIs, forms, file uploads), auth boundaries, and data flows.
+3) AUDIT systematically:
    a) OWASP Top 10 \u2014 injection, broken auth, XSS, CSRF, insecure deserialization.
    b) Dependency vulnerabilities \u2014 outdated packages, known CVEs.
    c) Secrets \u2014 hardcoded credentials, API keys in code or config.
@@ -240,17 +265,19 @@ var n=`Backend engineer \u2014 builds APIs, services, database layers, and serve
 - Recommend defense-in-depth \u2014 never rely on a single security control.
 - Flag any plaintext secrets immediately as Critical, even in test code.`,m=`Performance engineer \u2014 profiles, benchmarks, and optimizes code for speed, memory efficiency, and scalability.
 
+Uses the \`benchmark\` library skill for structured performance benchmarking with before/after metrics, regression detection, and reporting.
+
 ## WORKFLOW
 
 1) READ the task \u2014 identify the performance concern: slow endpoint, high memory usage, scaling bottleneck, build time.
-2) MEASURE first with \`/code-explorer\` \u2014 profile the current state, establish baseline metrics (latency, throughput, memory, CPU).
+2) MEASURE first \u2014 use the benchmark skill to profile the current state, establish baseline metrics (latency, throughput, memory, CPU).
 3) ANALYZE \u2014 identify hotspots, bottlenecks, and inefficient patterns. Look for:
    - O(n^2) or worse algorithms where O(n log n) or O(n) is possible.
    - Unnecessary allocations, memory leaks, missing cleanup.
    - N+1 queries, missing indexes, unoptimized joins.
    - Blocking I/O on the main thread, missing parallelism.
-4) OPTIMIZE using \`/feature-dev\` \u2014 apply targeted fixes. One optimization per commit for clear attribution.
-5) BENCHMARK \u2014 measure the improvement against the baseline. Report absolute numbers and percentage change.
+4) OPTIMIZE \u2014 apply targeted fixes. One optimization per commit for clear attribution.
+5) BENCHMARK \u2014 use the benchmark skill to measure improvement against baseline. Report absolute numbers and percentage change.
 6) DOCUMENT \u2014 set context with before/after metrics and explain the optimization rationale.
 
 ## RULES
@@ -265,9 +292,9 @@ var n=`Backend engineer \u2014 builds APIs, services, database layers, and serve
 ## WORKFLOW
 
 1) READ the task \u2014 identify the data need: new pipeline, query optimization, schema migration, analytics report.
-2) EXPLORE existing data models and pipelines with \`/code-explorer\` to understand the current data architecture.
+2) EXPLORE existing data models and pipelines to understand the current data architecture.
 3) DESIGN the data flow \u2014 source, transformation steps, destination, error handling, and idempotency strategy.
-4) IMPLEMENT using \`/feature-dev\`:
+4) IMPLEMENT:
    - Schema changes with migrations (never modify in place).
    - ETL logic with proper error handling and retry.
    - Queries optimized for the target database engine.
@@ -283,12 +310,14 @@ var n=`Backend engineer \u2014 builds APIs, services, database layers, and serve
 - Log pipeline metrics: rows processed, duration, error count.
 - Never run DELETE or UPDATE without a WHERE clause and a backup plan.`,f=`Full-stack developer \u2014 works across the entire stack, from database and API to UI components and styling.
 
+Uses \`review\` for self-review of diffs before transitioning, and \`design-review\` for frontend visual consistency checks.
+
 ## WORKFLOW
 
 1) READ the task \u2014 identify scope: does it span backend and frontend, or is it a vertical slice of a feature?
-2) EXPLORE both backend and frontend code with \`/code-explorer\` to understand existing patterns and data flow end-to-end.
+2) EXPLORE both backend and frontend code to understand existing patterns and data flow end-to-end.
 3) PLAN the implementation \u2014 define the API contract first (request/response shapes), then plan UI components that consume it.
-4) IMPLEMENT BACKEND using \`/feature-dev\`:
+4) IMPLEMENT BACKEND:
    - Data model, validation, service logic, API endpoint.
    - Error handling with proper HTTP status codes and messages.
 5) IMPLEMENT FRONTEND:
@@ -296,7 +325,7 @@ var n=`Backend engineer \u2014 builds APIs, services, database layers, and serve
    - Loading, error, and empty states.
    - Responsive layout and accessibility.
 6) TEST \u2014 backend unit/integration tests + frontend component tests. Verify the full data flow works end-to-end.
-7) REVIEW your own diff holistically \u2014 check that API contracts match between frontend and backend.
+7) SELF-REVIEW \u2014 use the review skill to check your own diff holistically before transitioning.
 
 ## RULES
 
@@ -305,4 +334,4 @@ var n=`Backend engineer \u2014 builds APIs, services, database layers, and serve
 - Keep frontend and backend changes in the same branch for atomic features.
 - Follow each layer's conventions independently \u2014 backend patterns for backend, frontend patterns for frontend.
 - Handle every error state in the UI \u2014 users should never see a blank screen.
-- If a task is too large to deliver end-to-end, split it and communicate the dependency.`,y=[{key:"backend-dev",name:"Backend Developer",description:"APIs, databases, backend services",adapter:"claude",model:"claude-sonnet-4-6",approval_policy:"auto",skills:["feature-dev:feature-dev","feature-dev:code-explorer"],role:n},{key:"frontend-dev",name:"Frontend Developer",description:"React, UI components, CSS, responsive design",adapter:"claude",model:"claude-sonnet-4-6",approval_policy:"auto",skills:["feature-dev:feature-dev","feature-dev:code-explorer","frontend-design"],role:a},{key:"qa-engineer",name:"QA Engineer",description:"Test writing, coverage analysis, quality assurance",adapter:"claude",model:"claude-sonnet-4-6",approval_policy:"auto",skills:["testing-suite:generate-tests","testing-suite:test-coverage","testing-suite:test-quality-analyzer"],role:i},{key:"code-reviewer",name:"Code Reviewer",description:"PR review, bug finding, code quality, security",adapter:"claude",model:"claude-opus-4-6",approval_policy:"suggest",skills:["feature-dev:code-reviewer","feature-dev:code-explorer"],role:o},{key:"architect",name:"Architect",description:"System design, architecture decisions, tech leadership",adapter:"claude",model:"claude-opus-4-6",approval_policy:"suggest",skills:["feature-dev:code-architect","feature-dev:code-explorer"],role:r},{key:"devops-engineer",name:"DevOps Engineer",description:"CI/CD, infrastructure, deployment, cloud",adapter:"claude",model:"claude-sonnet-4-6",approval_policy:"auto",skills:["devops-automation:cloud-architect","feature-dev:code-explorer"],role:s},{key:"bug-hunter",name:"Bug Hunter",description:"Find bugs, reproduce issues, propose fixes",adapter:"claude",model:"claude-sonnet-4-6",approval_policy:"auto",skills:["feature-dev:feature-dev","feature-dev:code-explorer"],role:c},{key:"tech-writer",name:"Technical Writer",description:"Documentation, READMEs, API docs, guides",adapter:"claude",model:"claude-sonnet-4-6",approval_policy:"auto",skills:["feature-dev:code-explorer","docx"],role:d},{key:"marketer",name:"Marketer",description:"Marketing strategy, positioning, copy, campaigns",adapter:"claude",model:"claude-sonnet-4-6",approval_policy:"auto",skills:["marketing-psychology","product-manager-toolkit"],role:l},{key:"content-creator",name:"Content Creator",description:"Blog posts, articles, social media content",adapter:"claude",model:"claude-sonnet-4-6",approval_policy:"auto",skills:["marketing-psychology"],role:p},{key:"growth-hacker",name:"Growth Hacker",description:"Growth experiments, analytics, user acquisition",adapter:"claude",model:"claude-sonnet-4-6",approval_policy:"auto",skills:["product-manager-toolkit","feature-dev:feature-dev"],role:u},{key:"security-auditor",name:"Security Auditor",description:"Security scanning, vulnerability analysis, OWASP",adapter:"claude",model:"claude-opus-4-6",approval_policy:"suggest",skills:["feature-dev:code-reviewer","feature-dev:code-explorer"],role:h},{key:"performance-engineer",name:"Performance Engineer",description:"Optimization, profiling, benchmarks, load testing",adapter:"claude",model:"claude-sonnet-4-6",approval_policy:"auto",skills:["feature-dev:feature-dev","feature-dev:code-explorer"],role:m},{key:"data-engineer",name:"Data Engineer",description:"Data pipelines, ETL, analytics, SQL",adapter:"claude",model:"claude-sonnet-4-6",approval_policy:"auto",skills:["feature-dev:feature-dev","feature-dev:code-explorer"],role:g},{key:"fullstack-dev",name:"Full-Stack Developer",description:"End-to-end development, frontend and backend",adapter:"claude",model:"claude-sonnet-4-6",approval_policy:"auto",skills:["feature-dev:feature-dev","feature-dev:code-explorer","frontend-design"],role:f}];function v(e){return y.find(t=>t.key===e)}export{y as a,v as b};
+- If a task is too large to deliver end-to-end, split it and communicate the dependency.`,y=[{key:"backend-dev",name:"Backend Developer",description:"APIs, databases, backend services",adapter:"claude",model:"claude-sonnet-4-6",approval_policy:"auto",skills:["review","careful","feature-dev:feature-dev","feature-dev:code-explorer"],role:n},{key:"frontend-dev",name:"Frontend Developer",description:"React, UI components, CSS, responsive design",adapter:"claude",model:"claude-sonnet-4-6",approval_policy:"auto",skills:["design-review","review","feature-dev:feature-dev","feature-dev:code-explorer"],role:a},{key:"qa-engineer",name:"QA Engineer",description:"Test writing, coverage analysis, quality assurance, browser testing",adapter:"claude",model:"claude-sonnet-4-6",approval_policy:"auto",skills:["qa","testing-suite:generate-tests","testing-suite:test-coverage"],role:i},{key:"code-reviewer",name:"Code Reviewer",description:"PR review with auto-fix, adversarial review, security checks",adapter:"claude",model:"claude-opus-4-6",approval_policy:"suggest",skills:["review","careful","feature-dev:code-reviewer","feature-dev:code-explorer"],role:r},{key:"architect",name:"Architect",description:"System design, architecture decisions, tech leadership",adapter:"claude",model:"claude-opus-4-6",approval_policy:"suggest",skills:["plan-eng-review","office-hours","feature-dev:code-architect","feature-dev:code-explorer"],role:o},{key:"devops-engineer",name:"DevOps Engineer",description:"CI/CD, infrastructure, deployment, monitoring",adapter:"claude",model:"claude-sonnet-4-6",approval_policy:"auto",skills:["ship","canary","devops-automation:cloud-architect"],role:s},{key:"bug-hunter",name:"Bug Hunter",description:"Systematic debugging, root cause analysis, minimal fixes",adapter:"claude",model:"claude-sonnet-4-6",approval_policy:"auto",skills:["investigate","careful","feature-dev:feature-dev","feature-dev:code-explorer"],role:c},{key:"tech-writer",name:"Technical Writer",description:"Documentation, READMEs, API docs, release notes",adapter:"claude",model:"claude-sonnet-4-6",approval_policy:"auto",skills:["document-release","review","feature-dev:code-explorer"],role:d},{key:"marketer",name:"Marketer",description:"Marketing strategy, positioning, copy, campaigns",adapter:"claude",model:"claude-sonnet-4-6",approval_policy:"auto",skills:["office-hours"],role:l},{key:"content-creator",name:"Content Creator",description:"Blog posts, articles, social media content",adapter:"claude",model:"claude-sonnet-4-6",approval_policy:"auto",skills:["office-hours"],role:p},{key:"growth-hacker",name:"Growth Hacker",description:"Growth experiments, analytics, user acquisition",adapter:"claude",model:"claude-sonnet-4-6",approval_policy:"auto",skills:["office-hours","feature-dev:feature-dev"],role:u},{key:"security-auditor",name:"Security Auditor",description:"Security scanning, vulnerability analysis, OWASP, guardrails",adapter:"claude",model:"claude-opus-4-6",approval_policy:"suggest",skills:["review","careful","guard","feature-dev:code-reviewer"],role:h},{key:"performance-engineer",name:"Performance Engineer",description:"Optimization, profiling, benchmarks, load testing",adapter:"claude",model:"claude-sonnet-4-6",approval_policy:"auto",skills:["benchmark","investigate","feature-dev:feature-dev","feature-dev:code-explorer"],role:m},{key:"data-engineer",name:"Data Engineer",description:"Data pipelines, ETL, analytics, SQL",adapter:"claude",model:"claude-sonnet-4-6",approval_policy:"auto",skills:["careful","feature-dev:feature-dev","feature-dev:code-explorer"],role:g},{key:"fullstack-dev",name:"Full-Stack Developer",description:"End-to-end development, frontend and backend",adapter:"claude",model:"claude-sonnet-4-6",approval_policy:"auto",skills:["review","design-review","feature-dev:feature-dev","feature-dev:code-explorer"],role:f}];function v(e){return y.find(t=>t.key===e)}export{y as a,v as b};

package/dist/chunk-J7ITYXE6.js

@@ -0,0 +1,116 @@
+import { pathExists } from './chunk-W3J7CURM.js';
+import { NotInitializedError } from './chunk-NLQAJ7TW.js';
+import path from 'path';
+import 'fs';
+
+var ORCHESTRY_DIR = ".orchestry";
+var ID_PATTERN = /^[A-Za-z0-9._-]+$/;
+var Paths = class {
+  constructor(projectRoot) {
+    this.projectRoot = projectRoot;
+  }
+  /** Root .orchestry/ directory */
+  get root() {
+    return path.join(this.projectRoot, ORCHESTRY_DIR);
+  }
+  get configPath() {
+    return path.join(this.root, "config.yml");
+  }
+  get statePath() {
+    return path.join(this.root, "state.json");
+  }
+  get lockPath() {
+    return path.join(this.root, "orchestry.lock");
+  }
+  get tasksDir() {
+    return path.join(this.root, "tasks");
+  }
+  get agentsDir() {
+    return path.join(this.root, "agents");
+  }
+  get runsDir() {
+    return path.join(this.root, "runs");
+  }
+  get templatesDir() {
+    return path.join(this.root, "templates");
+  }
+  get logsDir() {
+    return path.join(this.root, "logs");
+  }
+  get contextDir() {
+    return path.join(this.root, "context");
+  }
+  contextPath(key) {
+    return path.join(this.contextDir, `${sanitizeId(key)}.json`);
+  }
+  get messagesDir() {
+    return path.join(this.root, "messages");
+  }
+  messagePath(id) {
+    return path.join(this.messagesDir, `${sanitizeId(id)}.json`);
+  }
+  get goalsDir() {
+    return path.join(this.root, "goals");
+  }
+  goalPath(id) {
+    return path.join(this.goalsDir, `${sanitizeId(id)}.yml`);
+  }
+  get teamsDir() {
+    return path.join(this.root, "teams");
+  }
+  get attachmentsDir() {
+    return path.join(this.root, "attachments");
+  }
+  taskAttachmentsDir(taskId) {
+    return path.join(this.attachmentsDir, sanitizeId(taskId));
+  }
+  teamPath(id) {
+    return path.join(this.teamsDir, `${sanitizeId(id)}.yml`);
+  }
+  get gitignorePath() {
+    return path.join(this.root, ".gitignore");
+  }
+  get workspaceExcludePath() {
+    return path.join(this.root, "workspace-exclude");
+  }
+  taskPath(id) {
+    return path.join(this.tasksDir, `${sanitizeId(id)}.yml`);
+  }
+  agentPath(id) {
+    return path.join(this.agentsDir, `${sanitizeId(id)}.yml`);
+  }
+  runPath(id) {
+    return path.join(this.runsDir, `${sanitizeId(id)}.json`);
+  }
+  runEventsPath(id) {
+    return path.join(this.runsDir, `${sanitizeId(id)}.jsonl`);
+  }
+  defaultTemplatePath() {
+    return path.join(this.templatesDir, "default.md");
+  }
+  async isInitialized() {
+    return pathExists(this.root);
+  }
+  async requireInit() {
+    if (!await this.isInitialized()) {
+      throw new NotInitializedError();
+    }
+  }
+};
+function sanitizeId(id) {
+  if (!ID_PATTERN.test(id)) {
+    throw new Error(`Invalid identifier: "${id}"`);
+  }
+  return id;
+}
+function validateWorkspacePath(workspacePath, projectRoot) {
+  const resolved = path.resolve(workspacePath);
+  const root = path.resolve(projectRoot);
+  if (!resolved.startsWith(root + path.sep) && resolved !== root) {
+    throw new Error(`Workspace path "${workspacePath}" is outside project root`);
+  }
+}
+
+export { Paths, sanitizeId, validateWorkspacePath };
+//# sourceMappingURL=chunk-J7ITYXE6.js.map
+//# sourceMappingURL=chunk-J7ITYXE6.js.map

package/dist/chunk-J7ITYXE6.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/infrastructure/storage/paths.ts"],"names":[],"mappings":";;;;;AAYO,IAAM,aAAA,GAAgB,YAAA;AAC7B,IAAM,UAAA,GAAa,mBAAA;AAEZ,IAAM,QAAN,MAAY;AAAA,EACjB,YAA6B,WAAA,EAAqB;AAArB,IAAA,IAAA,CAAA,WAAA,GAAA,WAAA;AAAA,EAAsB;AAAA;AAAA,EAGnD,IAAI,IAAA,GAAe;AACjB,IAAA,OAAO,IAAA,CAAK,IAAA,CAAK,IAAA,CAAK,WAAA,EAAa,aAAa,CAAA;AAAA,EAClD;AAAA,EAEA,IAAI,UAAA,GAAqB;AACvB,IAAA,OAAO,IAAA,CAAK,IAAA,CAAK,IAAA,CAAK,IAAA,EAAM,YAAY,CAAA;AAAA,EAC1C;AAAA,EAEA,IAAI,SAAA,GAAoB;AACtB,IAAA,OAAO,IAAA,CAAK,IAAA,CAAK,IAAA,CAAK,IAAA,EAAM,YAAY,CAAA;AAAA,EAC1C;AAAA,EAEA,IAAI,QAAA,GAAmB;AACrB,IAAA,OAAO,IAAA,CAAK,IAAA,CAAK,IAAA,CAAK,IAAA,EAAM,gBAAgB,CAAA;AAAA,EAC9C;AAAA,EAEA,IAAI,QAAA,GAAmB;AACrB,IAAA,OAAO,IAAA,CAAK,IAAA,CAAK,IAAA,CAAK,IAAA,EAAM,OAAO,CAAA;AAAA,EACrC;AAAA,EAEA,IAAI,SAAA,GAAoB;AACtB,IAAA,OAAO,IAAA,CAAK,IAAA,CAAK,IAAA,CAAK,IAAA,EAAM,QAAQ,CAAA;AAAA,EACtC;AAAA,EAEA,IAAI,OAAA,GAAkB;AACpB,IAAA,OAAO,IAAA,CAAK,IAAA,CAAK,IAAA,CAAK,IAAA,EAAM,MAAM,CAAA;AAAA,EACpC;AAAA,EAEA,IAAI,YAAA,GAAuB;AACzB,IAAA,OAAO,IAAA,CAAK,IAAA,CAAK,IAAA,CAAK,IAAA,EAAM,WAAW,CAAA;AAAA,EACzC;AAAA,EAEA,IAAI,OAAA,GAAkB;AACpB,IAAA,OAAO,IAAA,CAAK,IAAA,CAAK,IAAA,CAAK,IAAA,EAAM,MAAM,CAAA;AAAA,EACpC;AAAA,EAEA,IAAI,UAAA,GAAqB;AACvB,IAAA,OAAO,IAAA,CAAK,IAAA,CAAK,IAAA,CAAK,IAAA,EAAM,SAAS,CAAA;AAAA,EACvC;AAAA,EAEA,YAAY,GAAA,EAAqB;AAC/B,IAAA,OAAO,IAAA,CAAK,KAAK,IAAA,CAAK,UAAA,EAAY,GAAG,UAAA,CAAW,GAAG,CAAC,CAAA,KAAA,CAAO,CAAA;AAAA,EAC7D;AAAA,EAEA,IAAI,WAAA,GAAsB;AACxB,IAAA,OAAO,IAAA,CAAK,IAAA,CAAK,IAAA,CAAK,IAAA,EAAM,UAAU,CAAA;AAAA,EACxC;AAAA,EAEA,YAAY,EAAA,EAAoB;AAC9B,IAAA,OAAO,IAAA,CAAK,KAAK,IAAA,CAAK,WAAA,EAAa,GAAG,UAAA,CAAW,EAAE,CAAC,CAAA,KAAA,CAAO,CAAA;AAAA,EAC7D;AAAA,EAEA,IAAI,QAAA,GAAmB;AACrB,IAAA,OAAO,IAAA,CAAK,IAAA,CAAK,IAAA,CAAK,IAAA,EAAM,OAAO,CAAA;AAAA,EACrC;AAAA,EAEA,SAAS,EAAA,EAAoB;AAC3B,IAAA,OAAO,IAAA,CAAK,KAAK,IAAA,CAAK,QAAA,EAAU,GAAG,UAAA,CAAW,EAAE,CAAC,CAAA,IAAA,CAAM,CAAA;AAAA,EACzD;AAAA,EAEA,IAAI,QAAA,GAAmB;AACrB,IAAA,OAAO,IAAA,CAAK,IAAA,CAAK,IAAA,CAAK,IAAA,EAAM,OAAO,CAAA;AAAA,EACrC;AAAA,EAEA,IAAI,cAAA,GAAyB;AAC3B,IAAA,OAAO,IAAA,CAAK,IAAA,CAAK,IAAA,CAAK,IAAA,EAAM,aAAa,CAAA;AAAA,EAC3C;AAAA,EAEA,mBAAmB,MAAA,EAAwB;AACzC,IAAA,OAAO,KAAK,IAAA,CAAK,IAAA,CAAK,cAAA,EAAgB,UAAA,CAAW,MAAM,CAAC,CAAA;AAAA,EAC1D;AAAA,EAEA,SAAS,EAAA,EAAoB;AAC3B,IAAA,OAAO,IAAA,CAAK,KAAK,IAAA,CAAK,QAAA,EAAU,GAAG,UAAA,CAAW,EAAE,CAAC,CAAA,IAAA,CAAM,CAAA;AAAA,EACzD;AAAA,EAEA,IAAI,aAAA,GAAwB;AAC1B,IAAA,OAAO,IAAA,CAAK,IAAA,CAAK,IAAA,CAAK,IAAA,EAAM,YAAY,CAAA;AAAA,EAC1C;AAAA,EAEA,IAAI,oBAAA,GAA+B;AACjC,IAAA,OAAO,IAAA,CAAK,IAAA,CAAK,IAAA,CAAK,IAAA,EAAM,mBAAmB,CAAA;AAAA,EACjD;AAAA,EAEA,SAAS,EAAA,EAAoB;AAC3B,IAAA,OAAO,IAAA,CAAK,KAAK,IAAA,CAAK,QAAA,EAAU,GAAG,UAAA,CAAW,EAAE,CAAC,CAAA,IAAA,CAAM,CAAA;AAAA,EACzD;AAAA,EAEA,UAAU,EAAA,EAAoB;AAC5B,IAAA,OAAO,IAAA,CAAK,KAAK,IAAA,CAAK,SAAA,EAAW,GAAG,UAAA,CAAW,EAAE,CAAC,CAAA,IAAA,CAAM,CAAA;AAAA,EAC1D;AAAA,EAEA,QAAQ,EAAA,EAAoB;AAC1B,IAAA,OAAO,IAAA,CAAK,KAAK,IAAA,CAAK,OAAA,EAAS,GAAG,UAAA,CAAW,EAAE,CAAC,CAAA,KAAA,CAAO,CAAA;AAAA,EACzD;AAAA,EAEA,cAAc,EAAA,EAAoB;AAChC,IAAA,OAAO,IAAA,CAAK,KAAK,IAAA,CAAK,OAAA,EAAS,GAAG,UAAA,CAAW,EAAE,CAAC,CAAA,MAAA,CAAQ,CAAA;AAAA,EAC1D;AAAA,EAEA,mBAAA,GAA8B;AAC5B,IAAA,OAAO,IAAA,CAAK,IAAA,CAAK,IAAA,CAAK,YAAA,EAAc,YAAY,CAAA;AAAA,EAClD;AAAA,EAEA,MAAM,aAAA,GAAkC;AACtC,IAAA,OAAO,UAAA,CAAW,KAAK,IAAI,CAAA;AAAA,EAC7B;AAAA,EAEA,MAAM,WAAA,GAA6B;AACjC,IAAA,IAAI,CAAE,MAAM,IAAA,CAAK,aAAA,EAAc,EAAI;AACjC,MAAA,MAAM,IAAI,mBAAA,EAAoB;AAAA,IAChC;AAAA,EACF;AACF;AAQO,SAAS,WAAW,EAAA,EAAoB;AAC7C,EAAA,IAAI,CAAC,UAAA,CAAW,IAAA,CAAK,EAAE,CAAA,EAAG;AACxB,IAAA,MAAM,IAAI,KAAA,CAAM,CAAA,qBAAA,EAAwB,EAAE,CAAA,CAAA,CAAG,CAAA;AAAA,EAC/C;AACA,EAAA,OAAO,EAAA;AACT;AAMO,SAAS,qBAAA,CAAsB,eAAuB,WAAA,EAA2B;AACtF,EAAA,MAAM,QAAA,GAAW,IAAA,CAAK,OAAA,CAAQ,aAAa,CAAA;AAC3C,EAAA,MAAM,IAAA,GAAO,IAAA,CAAK,OAAA,CAAQ,WAAW,CAAA;AAErC,EAAA,IAAI,CAAC,SAAS,UAAA,CAAW,IAAA,GAAO,KAAK,GAAG,CAAA,IAAK,aAAa,IAAA,EAAM;AAC9D,IAAA,MAAM,IAAI,KAAA,CAAM,CAAA,gBAAA,EAAmB,aAAa,CAAA,yBAAA,CAA2B,CAAA;AAAA,EAC7E;AACF","file":"chunk-J7ITYXE6.js","sourcesContent":["/**\n * Path resolution for .orchestry/ directory.\n *\n * All path construction goes through this module.\n * Validates initialization state and sanitizes identifiers.\n */\n\nimport path from 'node:path';\nimport { accessSync } from 'node:fs';\nimport { NotInitializedError } from '../../domain/errors.js';\nimport { pathExists } from './fs-utils.js';\n\nexport const ORCHESTRY_DIR = '.orchestry';\nconst ID_PATTERN = /^[A-Za-z0-9._-]+$/;\n\nexport class Paths {\n  constructor(private readonly projectRoot: string) {}\n\n  /** Root .orchestry/ directory */\n  get root(): string {\n    return path.join(this.projectRoot, ORCHESTRY_DIR);\n  }\n\n  get configPath(): string {\n    return path.join(this.root, 'config.yml');\n  }\n\n  get statePath(): string {\n    return path.join(this.root, 'state.json');\n  }\n\n  get lockPath(): string {\n    return path.join(this.root, 'orchestry.lock');\n  }\n\n  get tasksDir(): string {\n    return path.join(this.root, 'tasks');\n  }\n\n  get agentsDir(): string {\n    return path.join(this.root, 'agents');\n  }\n\n  get runsDir(): string {\n    return path.join(this.root, 'runs');\n  }\n\n  get templatesDir(): string {\n    return path.join(this.root, 'templates');\n  }\n\n  get logsDir(): string {\n    return path.join(this.root, 'logs');\n  }\n\n  get contextDir(): string {\n    return path.join(this.root, 'context');\n  }\n\n  contextPath(key: string): string {\n    return path.join(this.contextDir, `${sanitizeId(key)}.json`);\n  }\n\n  get messagesDir(): string {\n    return path.join(this.root, 'messages');\n  }\n\n  messagePath(id: string): string {\n    return path.join(this.messagesDir, `${sanitizeId(id)}.json`);\n  }\n\n  get goalsDir(): string {\n    return path.join(this.root, 'goals');\n  }\n\n  goalPath(id: string): string {\n    return path.join(this.goalsDir, `${sanitizeId(id)}.yml`);\n  }\n\n  get teamsDir(): string {\n    return path.join(this.root, 'teams');\n  }\n\n  get attachmentsDir(): string {\n    return path.join(this.root, 'attachments');\n  }\n\n  taskAttachmentsDir(taskId: string): string {\n    return path.join(this.attachmentsDir, sanitizeId(taskId));\n  }\n\n  teamPath(id: string): string {\n    return path.join(this.teamsDir, `${sanitizeId(id)}.yml`);\n  }\n\n  get gitignorePath(): string {\n    return path.join(this.root, '.gitignore');\n  }\n\n  get workspaceExcludePath(): string {\n    return path.join(this.root, 'workspace-exclude');\n  }\n\n  taskPath(id: string): string {\n    return path.join(this.tasksDir, `${sanitizeId(id)}.yml`);\n  }\n\n  agentPath(id: string): string {\n    return path.join(this.agentsDir, `${sanitizeId(id)}.yml`);\n  }\n\n  runPath(id: string): string {\n    return path.join(this.runsDir, `${sanitizeId(id)}.json`);\n  }\n\n  runEventsPath(id: string): string {\n    return path.join(this.runsDir, `${sanitizeId(id)}.jsonl`);\n  }\n\n  defaultTemplatePath(): string {\n    return path.join(this.templatesDir, 'default.md');\n  }\n\n  async isInitialized(): Promise<boolean> {\n    return pathExists(this.root);\n  }\n\n  async requireInit(): Promise<void> {\n    if (!(await this.isInitialized())) {\n      throw new NotInitializedError();\n    }\n  }\n}\n\n/**\n * Validate an identifier for use in file paths.\n * Only allows [A-Za-z0-9._-] characters.\n * Rejects identifiers containing forbidden characters (path separators, etc.)\n * to prevent path traversal attacks.\n */\nexport function sanitizeId(id: string): string {\n  if (!ID_PATTERN.test(id)) {\n    throw new Error(`Invalid identifier: \"${id}\"`);\n  }\n  return id;\n}\n\n/**\n * Validate that a workspace path is within the project root.\n * Prevents path traversal attacks.\n */\nexport function validateWorkspacePath(workspacePath: string, projectRoot: string): void {\n  const resolved = path.resolve(workspacePath);\n  const root = path.resolve(projectRoot);\n\n  if (!resolved.startsWith(root + path.sep) && resolved !== root) {\n    throw new Error(`Workspace path \"${workspacePath}\" is outside project root`);\n  }\n}\n\n/**\n * Module-level cache for findProjectRoot().\n * Key: resolved startDir, Value: found project root.\n * Avoids repeated accessSync() traversals on every CLI invocation.\n */\nconst projectRootCache = new Map<string, string>();\n\n/**\n * Resolve project root by walking up from cwd looking for .orchestry/.\n * Returns cwd if not found (for init command).\n *\n * Results are cached per startDir to avoid redundant filesystem traversals.\n */\nexport function findProjectRoot(startDir: string = process.cwd()): string {\n  const resolvedStart = path.resolve(startDir);\n  const cached = projectRootCache.get(resolvedStart);\n  if (cached !== undefined) return cached;\n\n  let dir = resolvedStart;\n  const root = path.parse(dir).root;\n\n  while (dir !== root) {\n    try {\n      accessSync(path.join(dir, '.orchestry'));\n      projectRootCache.set(resolvedStart, dir);\n      return dir;\n    } catch {\n      // Not found, go up\n    }\n    dir = path.dirname(dir);\n  }\n\n  // Not found — return resolved dir (for init command)\n  projectRootCache.set(resolvedStart, resolvedStart);\n  return resolvedStart;\n}\n\n/**\n * Clear the findProjectRoot cache.\n * Useful in tests or after `orch init` changes the project structure.\n */\nexport function clearProjectRootCache(): void {\n  projectRootCache.clear();\n}\n"]}

package/dist/chunk-U2JVMD2G.js

@@ -0,0 +1,66 @@
+import { listFiles, pathExists } from './chunk-W3J7CURM.js';
+import { readFile } from 'fs/promises';
+import { fileURLToPath } from 'url';
+import { join, dirname } from 'path';
+
+var VALID_SKILL_NAME = /^[a-z0-9-]+$/;
+async function resolveLibraryDir() {
+  const thisDir = dirname(fileURLToPath(import.meta.url));
+  let dir = thisDir;
+  for (let i = 0; i < 5; i++) {
+    const candidate = join(dir, "skills", "library");
+    if (await pathExists(candidate)) return candidate;
+    dir = dirname(dir);
+  }
+  return join(thisDir, "..", "..", "..", "skills", "library");
+}
+var SkillLoader = class {
+  cache = /* @__PURE__ */ new Map();
+  libraryDirPromise;
+  availableCache = null;
+  constructor(libraryDir) {
+    this.libraryDirPromise = libraryDir ? Promise.resolve(libraryDir) : resolveLibraryDir();
+  }
+  async loadSkills(skillNames) {
+    const librarySkills = skillNames.filter((s) => !s.includes(":"));
+    if (librarySkills.length === 0) return "";
+    const results = await Promise.all(librarySkills.map((name) => this.loadOne(name)));
+    const sections = librarySkills.map((name, i) => results[i] ? `### ${name}
+
+${results[i]}` : null).filter((s) => s !== null);
+    if (sections.length === 0) return "";
+    return `## Skills
+
+${sections.join("\n\n")}`;
+  }
+  async listAvailable() {
+    if (this.availableCache) return this.availableCache;
+    const dir = await this.libraryDirPromise;
+    const entries = await listFiles(dir, ".md");
+    this.availableCache = entries.map((e) => e.replace(/\.md$/, "")).sort();
+    return this.availableCache;
+  }
+  async loadOne(name) {
+    const cached = this.cache.get(name);
+    if (cached !== void 0) return cached || null;
+    if (!VALID_SKILL_NAME.test(name)) {
+      return null;
+    }
+    const dir = await this.libraryDirPromise;
+    const filePath = join(dir, `${name}.md`);
+    try {
+      const content = await readFile(filePath, "utf8");
+      this.cache.set(name, content);
+      return content;
+    } catch {
+      process.stderr.write(`[orch] skill library: "${name}" not found in ${dir}
+`);
+      this.cache.set(name, "");
+      return null;
+    }
+  }
+};
+
+export { SkillLoader };
+//# sourceMappingURL=chunk-U2JVMD2G.js.map
+//# sourceMappingURL=chunk-U2JVMD2G.js.map

package/dist/chunk-U2JVMD2G.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/infrastructure/skills/skill-loader.ts"],"names":[],"mappings":";;;;;AAgBA,IAAM,gBAAA,GAAmB,cAAA;AAMzB,eAAe,iBAAA,GAAqC;AAClD,EAAA,MAAM,OAAA,GAAU,OAAA,CAAQ,aAAA,CAAc,MAAA,CAAA,IAAA,CAAY,GAAG,CAAC,CAAA;AAGtD,EAAA,IAAI,GAAA,GAAM,OAAA;AACV,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,CAAA,EAAG,CAAA,EAAA,EAAK;AAC1B,IAAA,MAAM,SAAA,GAAY,IAAA,CAAK,GAAA,EAAK,QAAA,EAAU,SAAS,CAAA;AAC/C,IAAA,IAAI,MAAM,UAAA,CAAW,SAAS,CAAA,EAAG,OAAO,SAAA;AACxC,IAAA,GAAA,GAAM,QAAQ,GAAG,CAAA;AAAA,EACnB;AAGA,EAAA,OAAO,KAAK,OAAA,EAAS,IAAA,EAAM,IAAA,EAAM,IAAA,EAAM,UAAU,SAAS,CAAA;AAC5D;AAcO,IAAM,cAAN,MAA0C;AAAA,EAC9B,KAAA,uBAAY,GAAA,EAAoB;AAAA,EAChC,iBAAA;AAAA,EACT,cAAA,GAAkC,IAAA;AAAA,EAE1C,YAAY,UAAA,EAAqB;AAC/B,IAAA,IAAA,CAAK,oBAAoB,UAAA,GACrB,OAAA,CAAQ,OAAA,CAAQ,UAAU,IAC1B,iBAAA,EAAkB;AAAA,EACxB;AAAA,EAEA,MAAM,WAAW,UAAA,EAAuC;AACtD,IAAA,MAAM,aAAA,GAAgB,WAAW,MAAA,CAAO,CAAC,MAAM,CAAC,CAAA,CAAE,QAAA,CAAS,GAAG,CAAC,CAAA;AAC/D,IAAA,IAAI,aAAA,CAAc,MAAA,KAAW,CAAA,EAAG,OAAO,EAAA;AAEvC,IAAA,MAAM,OAAA,GAAU,MAAM,OAAA,CAAQ,GAAA,CAAI,aAAA,CAAc,GAAA,CAAI,CAAC,IAAA,KAAS,IAAA,CAAK,OAAA,CAAQ,IAAI,CAAC,CAAC,CAAA;AACjF,IAAA,MAAM,QAAA,GAAW,aAAA,CACd,GAAA,CAAI,CAAC,IAAA,EAAM,MAAO,OAAA,CAAQ,CAAC,CAAA,GAAI,CAAA,IAAA,EAAO,IAAI;;AAAA,EAAO,OAAA,CAAQ,CAAC,CAAC,CAAA,CAAA,GAAK,IAAK,EACrE,MAAA,CAAO,CAAC,CAAA,KAAmB,CAAA,KAAM,IAAI,CAAA;AAExC,IAAA,IAAI,QAAA,CAAS,MAAA,KAAW,CAAA,EAAG,OAAO,EAAA;AAClC,IAAA,OAAO,CAAA;;AAAA,EAAgB,QAAA,CAAS,IAAA,CAAK,MAAM,CAAC,CAAA,CAAA;AAAA,EAC9C;AAAA,EAEA,MAAM,aAAA,GAAmC;AACvC,IAAA,IAAI,IAAA,CAAK,cAAA,EAAgB,OAAO,IAAA,CAAK,cAAA;AAErC,IAAA,MAAM,GAAA,GAAM,MAAM,IAAA,CAAK,iBAAA;AACvB,IAAA,MAAM,OAAA,GAAU,MAAM,SAAA,CAAU,GAAA,EAAK,KAAK,CAAA;AAC1C,IAAA,IAAA,CAAK,cAAA,GAAiB,OAAA,CACnB,GAAA,CAAI,CAAC,CAAA,KAAM,CAAA,CAAE,OAAA,CAAQ,OAAA,EAAS,EAAE,CAAC,CAAA,CACjC,IAAA,EAAK;AACR,IAAA,OAAO,IAAA,CAAK,cAAA;AAAA,EACd;AAAA,EAEA,MAAc,QAAQ,IAAA,EAAsC;AAC1D,IAAA,MAAM,MAAA,GAAS,IAAA,CAAK,KAAA,CAAM,GAAA,CAAI,IAAI,CAAA;AAClC,IAAA,IAAI,MAAA,KAAW,MAAA,EAAW,OAAO,MAAA,IAAU,IAAA;AAE3C,IAAA,IAAI,CAAC,gBAAA,CAAiB,IAAA,CAAK,IAAI,CAAA,EAAG;AAChC,MAAA,OAAO,IAAA;AAAA,IACT;AAEA,IAAA,MAAM,GAAA,GAAM,MAAM,IAAA,CAAK,iBAAA;AACvB,IAAA,MAAM,QAAA,GAAW,IAAA,CAAK,GAAA,EAAK,CAAA,EAAG,IAAI,CAAA,GAAA,CAAK,CAAA;AACvC,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,MAAM,QAAA,CAAS,QAAA,EAAU,MAAM,CAAA;AAC/C,MAAA,IAAA,CAAK,KAAA,CAAM,GAAA,CAAI,IAAA,EAAM,OAAO,CAAA;AAC5B,MAAA,OAAO,OAAA;AAAA,IACT,CAAA,CAAA,MAAQ;AACN,MAAA,OAAA,CAAQ,MAAA,CAAO,KAAA,CAAM,CAAA,uBAAA,EAA0B,IAAI,kBAAkB,GAAG;AAAA,CAAI,CAAA;AAC5E,MAAA,IAAA,CAAK,KAAA,CAAM,GAAA,CAAI,IAAA,EAAM,EAAE,CAAA;AACvB,MAAA,OAAO,IAAA;AAAA,IACT;AAAA,EACF;AACF","file":"chunk-U2JVMD2G.js","sourcesContent":["/**\n * Skill Library loader.\n *\n * Resolves agent skill names to Markdown content from the bundled\n * `skills/library/` directory. Skills containing ':' are Claude Code\n * MCP skills — handled natively by Claude CLI, skipped here.\n *\n * Content is cached in-process for the lifetime of the SkillLoader instance.\n */\n\nimport { readFile } from 'node:fs/promises';\nimport { fileURLToPath } from 'node:url';\nimport { dirname, join } from 'node:path';\nimport { listFiles, pathExists } from '../storage/fs-utils.js';\n\n/** Valid skill name: lowercase alphanumeric + hyphens only. */\nconst VALID_SKILL_NAME = /^[a-z0-9-]+$/;\n\n/**\n * Resolve the skills/library/ directory relative to the package root.\n * Works in both dev mode (src/infrastructure/skills/) and production (dist/).\n */\nasync function resolveLibraryDir(): Promise<string> {\n  const thisDir = dirname(fileURLToPath(import.meta.url));\n\n  // Walk up from current file until we find skills/library/\n  let dir = thisDir;\n  for (let i = 0; i < 5; i++) {\n    const candidate = join(dir, 'skills', 'library');\n    if (await pathExists(candidate)) return candidate;\n    dir = dirname(dir);\n  }\n\n  // Fallback: assume 3 levels up (src/infrastructure/skills/ → root)\n  return join(thisDir, '..', '..', '..', 'skills', 'library');\n}\n\nexport interface ISkillLoader {\n  /**\n   * Load and format library skill content for the given skill names.\n   * MCP skills (containing ':') are silently skipped.\n   * Returns formatted Markdown block or empty string if no library skills resolved.\n   */\n  loadSkills(skillNames: string[]): Promise<string>;\n\n  /** List all available library skill names. */\n  listAvailable(): Promise<string[]>;\n}\n\nexport class SkillLoader implements ISkillLoader {\n  private readonly cache = new Map<string, string>();\n  private readonly libraryDirPromise: Promise<string>;\n  private availableCache: string[] | null = null;\n\n  constructor(libraryDir?: string) {\n    this.libraryDirPromise = libraryDir\n      ? Promise.resolve(libraryDir)\n      : resolveLibraryDir();\n  }\n\n  async loadSkills(skillNames: string[]): Promise<string> {\n    const librarySkills = skillNames.filter((s) => !s.includes(':'));\n    if (librarySkills.length === 0) return '';\n\n    const results = await Promise.all(librarySkills.map((name) => this.loadOne(name)));\n    const sections = librarySkills\n      .map((name, i) => (results[i] ? `### ${name}\\n\\n${results[i]}` : null))\n      .filter((s): s is string => s !== null);\n\n    if (sections.length === 0) return '';\n    return `## Skills\\n\\n${sections.join('\\n\\n')}`;\n  }\n\n  async listAvailable(): Promise<string[]> {\n    if (this.availableCache) return this.availableCache;\n\n    const dir = await this.libraryDirPromise;\n    const entries = await listFiles(dir, '.md');\n    this.availableCache = entries\n      .map((e) => e.replace(/\\.md$/, ''))\n      .sort();\n    return this.availableCache;\n  }\n\n  private async loadOne(name: string): Promise<string | null> {\n    const cached = this.cache.get(name);\n    if (cached !== undefined) return cached || null;\n\n    if (!VALID_SKILL_NAME.test(name)) {\n      return null;\n    }\n\n    const dir = await this.libraryDirPromise;\n    const filePath = join(dir, `${name}.md`);\n    try {\n      const content = await readFile(filePath, 'utf8');\n      this.cache.set(name, content);\n      return content;\n    } catch {\n      process.stderr.write(`[orch] skill library: \"${name}\" not found in ${dir}\\n`);\n      this.cache.set(name, '');\n      return null;\n    }\n  }\n}\n"]}