@securityreviewai/securityreview-kit 0.1.42 → 0.1.43

package/README.md

@@ -27,11 +27,11 @@ npx @securityreviewai/securityreview-kit init --switch-project
 
 | Target | Flag | MCP Config | Workspace Rule |
 |---|---|---|---|
-| Cursor | `cursor` | `.cursor/mcp.json` | `.cursor/rules/srai-security-review.mdc`, `.cursor/rules/ctm_sync_rule.mdc`, `.cursor/commands/ctm_sync.md`, `.cursor/agents/ctm_sync.md`, `.cursor/commands/create-ide-workflow.md`, `.cursor/commands/srai-profile.md`, `.cursor/skills/threat-modelling/SKILL.md` |
-| Claude Code | `claude` | `.mcp.json` | `.claude/CLAUDE.md`, `.claude/settings.json`, `.claude/skills/threat-modelling/SKILL.md`, `.claude/skills/guardrails-profiler/SKILL.md`, `.claude/skills/guardrails-selection/SKILL.md`, `.claude/agents/ctm_sync.md`, `.claude/commands/guardrails-init-profile.md` |
-| VS Code Copilot | `vscode` | `.vscode/mcp.json` | `.github/copilot-instructions.md`, `.github/skills/threat-modelling/SKILL.md`, `.github/skills/guardrails-profiler/SKILL.md`, `.github/skills/guardrails-selection/SKILL.md`, `.github/agents/ctm_sync.agent.md`, `.github/hooks/srai-session-policy.json` |
+| Cursor | `cursor` | `.cursor/mcp.json` | `.cursor/rules/srai-security-review.mdc`, `.cursor/rules/guardrails_rule.mdc`, `.cursor/commands/srai-profile.md`, `.cursor/commands/guardrails-init-profile.md`, `.cursor/skills/threat-modelling/SKILL.md`, `.cursor/hooks.json` |
+| Claude Code | `claude` | `.mcp.json` | `.claude/CLAUDE.md`, `.claude/settings.json`, `.claude/skills/threat-modelling/SKILL.md`, `.claude/skills/guardrails-profiler/SKILL.md`, `.claude/skills/guardrails-selection/SKILL.md`, `.claude/commands/guardrails-init-profile.md` |
+| VS Code Copilot | `vscode` | `.vscode/mcp.json` | `.github/copilot-instructions.md`, `.github/skills/threat-modelling/SKILL.md`, `.github/skills/guardrails-profiler/SKILL.md`, `.github/skills/guardrails-selection/SKILL.md`, `.github/hooks/srai-session-policy.json` |
 | Windsurf | `windsurf` | `.windsurf/mcp_config.json` | `.windsurf/rules/srai-security-review.md` |
-| Codex | `codex` | `.codex/config.toml` | `.codex/AGENTS.md`, `.codex/skills/threat-modelling/SKILL.md`, `.codex/skills/guardrails-profiler/SKILL.md`, `.codex/skills/guardrails-selection/SKILL.md`, `.codex/agents/ctm_sync.toml`, `.codex/hooks.json`, `.codex/commands/guardrails-init-profile.md` |
+| Codex | `codex` | `.codex/config.toml` | `.codex/AGENTS.md`, `.codex/skills/threat-modelling/SKILL.md`, `.codex/skills/guardrails-profiler/SKILL.md`, `.codex/skills/guardrails-selection/SKILL.md`, `.codex/hooks.json`, `.codex/commands/guardrails-init-profile.md` |
 | Gemini CLI | `gemini` | `.gemini/settings.json` | `GEMINI.md` |
 | Antigravity | `antigravity` | `.gemini/settings.json` | `.agents/rules/srai-security-review.md` |
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@securityreviewai/securityreview-kit",
-  "version": "0.1.42",
+  "version": "0.1.43",
   "description": "Bootstrap security-review-mcp for AI IDEs and CLI tools",
   "author": "Debarshi Das <debarshi.das@we45.com>",
   "license": "UNLICENSED",

package/src/generators/mcp/claude.js

@@ -10,9 +10,9 @@ function getClaudeSessionStartHooks() {
         '1. Fetch Vibe Guardrails first using .claude/skills/guardrails-selection/SKILL.md.',
         '2. Run PWNISMS threat modelling using .claude/skills/threat-modelling/SKILL.md.',
         '3. Implement secure code using the hydrated guardrails and threat findings.',
-        '4. Invoke the ctm_sync agent using .claude/agents/ctm_sync.md after implementation or threat-model updates. The agent should write a structured .md sync artifact and upload it with sync_ai_ide_markdown.',
+        '4. Write a structured .md artifact under vibereview/, validate it, and call sync_ai_ide_markdown directly after implementation or threat-model updates.',
         '',
-        'Do not use project-profile exploration tools during normal coding tasks. No blocking and no deferral: guardrails first, PWNISMS second, implementation third, ctm_sync last.',
+        'Do not use project-profile exploration tools during normal coding tasks. No blocking and no deferral: guardrails first, PWNISMS second, implementation third, VibeReview sync last.',
     ].join('\n');
 
     return [

package/src/generators/mcp/claude.test.js

@@ -19,6 +19,8 @@ test('Claude MCP generator writes .mcp.json, enables the project MCP server, and
     assert.deepEqual(settings.enabledMcpjsonServers, ['security-review-mcp']);
     assert.equal(Array.isArray(settings.SessionStart), true);
     assert.match(settings.SessionStart[0].hooks[0].prompt, /MANDATORY SECURITY GATE/);
+    assert.match(settings.SessionStart[0].hooks[0].prompt, /vibereview\//);
+    assert.match(settings.SessionStart[0].hooks[0].prompt, /sync_ai_ide_markdown/);
 });
 
 test('Claude MCP generator preserves existing SessionStart hooks', () => {

package/src/generators/rules/claude.js

@@ -1,7 +1,6 @@
 import { existsSync, unlinkSync } from 'node:fs';
 import { join } from 'node:path';
 import {
-    CTM_SYNC_AGENT_REL_PATH,
     GUARDRAILS_PROFILER_SKILL_REL_DIR,
     GUARDRAILS_SELECTION_SKILL_REL_DIR,
     SENTINEL_END,
@@ -10,7 +9,6 @@ import {
 } from '../../utils/constants.js';
 import { readText, upsertSentinelBlock, writeText } from '../../utils/fs-helpers.js';
 import {
-    getCtmSyncWorkflowContent,
     getGuardrailsInitProfileContent,
     getRuleContent,
     getThreatModellingSkillContent,
@@ -22,25 +20,6 @@ function writeGeneratedText(filePath, content) {
     return { filePath, action };
 }
 
-function getAgentBody(content) {
-    return content.replace(/^---\n[\s\S]*?\n---\n*/, '').trim();
-}
-
-function getClaudeCtmSyncAgentContent(options = {}) {
-    const body = getAgentBody(getCtmSyncWorkflowContent(options));
-    return [
-        '---',
-        'name: ctm_sync',
-        'description: Use this agent after security-relevant implementation or threat modelling work to synchronize the latest threat model, mitigations, and guardrails to SRAI.',
-        'model: inherit',
-        'color: blue',
-        '---',
-        '',
-        body,
-        '',
-    ].join('\n');
-}
-
 /**
  * Generate Claude Code workspace rule — appends to .claude/CLAUDE.md
  */
@@ -49,7 +28,6 @@ export function generate(cwd, options = {}) {
         ...options,
         guardrailsSelectionSkillDir: GUARDRAILS_SELECTION_SKILL_REL_DIR.claude,
         threatModellingSkillDir: THREAT_MODELLING_SKILL_REL_DIR.claude,
-        ctmSyncAgentPath: CTM_SYNC_AGENT_REL_PATH.claude,
     };
     const legacyRootPath = join(cwd, 'CLAUDE.md');
     const filePath = join(cwd, '.claude', 'CLAUDE.md');
@@ -76,11 +54,10 @@ export function generate(cwd, options = {}) {
         getThreatModellingSkillContent(optionsWithSkillDirs),
     );
 
-    const ctmSyncAgentPath = join(cwd, CTM_SYNC_AGENT_REL_PATH.claude);
-    const ctmSyncAgent = writeGeneratedText(
-        ctmSyncAgentPath,
-        getClaudeCtmSyncAgentContent(optionsWithSkillDirs),
-    );
+    const deletedLegacyAgentPath = join(cwd, '.claude', 'agents', 'ctm_sync.md');
+    const deletedLegacyAgent = existsSync(deletedLegacyAgentPath)
+        ? (unlinkSync(deletedLegacyAgentPath), { filePath: deletedLegacyAgentPath, action: 'deleted' })
+        : null;
 
     const guardrailsInitPath = join(cwd, '.claude', 'commands', 'guardrails-init-profile.md');
     const guardrailsInit = writeGeneratedText(
@@ -94,7 +71,7 @@ export function generate(cwd, options = {}) {
     return [
         { filePath, action, kind: 'rule' },
         { ...threatSkill, kind: 'skill' },
-        { ...ctmSyncAgent, kind: 'agent' },
         { ...guardrailsInit, kind: 'command' },
+        ...(deletedLegacyAgent ? [{ ...deletedLegacyAgent, kind: 'cleanup' }] : []),
     ];
 }

package/src/generators/rules/claude.test.js

@@ -5,7 +5,7 @@ import { test } from 'node:test';
 import assert from 'node:assert/strict';
 import { generate } from './claude.js';
 
-test('Claude generator writes .claude/CLAUDE.md, threat skill, ctm_sync agent, and profiling command', () => {
+test('Claude generator writes .claude/CLAUDE.md, threat skill, and profiling command', () => {
     const cwd = mkdtempSync(join(tmpdir(), 'securityreview-kit-claude-'));
 
     const results = generate(cwd, { projectName: 'SmokeProject' });
@@ -13,7 +13,6 @@ test('Claude generator writes .claude/CLAUDE.md, threat skill, ctm_sync agent, a
     const expectedPaths = [
         '.claude/CLAUDE.md',
         '.claude/skills/threat-modelling/SKILL.md',
-        '.claude/agents/ctm_sync.md',
         '.claude/commands/guardrails-init-profile.md',
     ];
 
@@ -21,27 +20,18 @@ test('Claude generator writes .claude/CLAUDE.md, threat skill, ctm_sync agent, a
         assert.equal(existsSync(join(cwd, relPath)), true, `${relPath} should exist`);
     }
 
-    assert.deepEqual(results.map((entry) => entry.kind), ['rule', 'skill', 'agent', 'command']);
+    assert.deepEqual(results.map((entry) => entry.kind), ['rule', 'skill', 'command']);
 
     const instructions = readFileSync(join(cwd, '.claude/CLAUDE.md'), 'utf8');
     assert.match(instructions, /\.claude\/skills\/guardrails-selection\/SKILL\.md/);
     assert.match(instructions, /\.claude\/skills\/threat-modelling\/SKILL\.md/);
-    assert.match(instructions, /\.claude\/agents\/ctm_sync\.md/);
+    assert.match(instructions, /sync_ai_ide_markdown/);
+    assert.match(instructions, /vibereview\//);
 
     const threatSkill = readFileSync(join(cwd, '.claude/skills/threat-modelling/SKILL.md'), 'utf8');
-    assert.match(threatSkill, /\.claude\/agents\/ctm_sync\.md/);
+    assert.match(threatSkill, /sync_ai_ide_markdown/);
+    assert.match(threatSkill, /vibereview\//);
     assert.doesNotMatch(threatSkill, /get_project_profile_description/);
-
-    const agent = readFileSync(join(cwd, '.claude/agents/ctm_sync.md'), 'utf8');
-    assert.match(agent, /^---\nname: ctm_sync/m);
-    assert.match(agent, /model: inherit/);
-    assert.match(agent, /Configured SRAI project name: `SmokeProject`/);
-    assert.match(agent, /sync_ai_ide_markdown/);
-    assert.match(agent, /structured markdown artifact/i);
-    assert.match(agent, /chat_session_id/);
-    assert.match(agent, /Guardrails Applied/);
-    assert.match(agent, /vibereview\//);
-    assert.doesNotMatch(agent, /Call `create_ai_ide_event` with/i);
 });
 
 test('Claude generator migrates the kit-managed root CLAUDE.md block into .claude/CLAUDE.md', () => {

package/src/generators/rules/codex.js

@@ -1,14 +1,12 @@
-import { existsSync } from 'node:fs';
+import { existsSync, unlinkSync } from 'node:fs';
 import { join } from 'node:path';
 import {
-    CTM_SYNC_AGENT_REL_PATH,
     GUARDRAILS_PROFILER_SKILL_REL_DIR,
     GUARDRAILS_SELECTION_SKILL_REL_DIR,
     THREAT_MODELLING_SKILL_REL_DIR,
 } from '../../utils/constants.js';
 import { upsertSentinelBlock, writeText } from '../../utils/fs-helpers.js';
 import {
-    getCtmSyncWorkflowContent,
     getGuardrailsInitProfileContent,
     getRuleContent,
     getThreatModellingSkillContent,
@@ -20,6 +18,14 @@ function writeGeneratedText(filePath, content) {
     return { filePath, action };
 }
 
+function removeGeneratedText(filePath) {
+    if (existsSync(filePath)) {
+        unlinkSync(filePath);
+        return { filePath, action: 'deleted' };
+    }
+    return null;
+}
+
 function getCodexSessionHookContent() {
     const additionalContext = [
         '## MANDATORY SECURITY GATE (Session Policy)',
@@ -29,9 +35,9 @@ function getCodexSessionHookContent() {
         '1. Fetch Vibe Guardrails first using .codex/skills/guardrails-selection/SKILL.md. Resolve the project, call get_guardrails, shortlist relevant guardrails, then call get_guardrail_by_id for the shortlist.',
         '2. Run PWNISMS threat modelling using .codex/skills/threat-modelling/SKILL.md. Explicitly walk Product, Workload, Network, IAM, Secrets, Monitoring, and Supply Chain.',
         '3. Implement secure code using both the hydrated guardrails and PWNISMS findings.',
-        '4. Invoke the ctm_sync subagent using .codex/agents/ctm_sync.toml after threat modelling or guardrail enforcement. Reuse the exact guardrail shortlist; do not re-query guardrails during CTM sync. The subagent should write a structured .md sync artifact and upload it with sync_ai_ide_markdown.',
+        '4. Write a structured .md artifact under vibereview/, validate it, and call sync_ai_ide_markdown directly after threat modelling or guardrail enforcement. Reuse the exact guardrail shortlist; do not re-query guardrails during the final sync.',
         '',
-        'Do not use project-profile exploration tools during normal coding tasks. No blocking and no deferral: guardrails first, PWNISMS second, implementation third, ctm_sync last.',
+        'Do not use project-profile exploration tools during normal coding tasks. No blocking and no deferral: guardrails first, PWNISMS second, implementation third, VibeReview sync last.',
     ].join('\n');
 
     const sessionStartPayload = JSON.stringify({
@@ -82,22 +88,6 @@ function getCodexSessionHookContent() {
     ) + '\n';
 }
 
-function getAgentBody(content) {
-    return content.replace(/^---\n[\s\S]*?\n---\n*/, '').trim();
-}
-
-function getCodexCtmSyncAgentContent(options = {}) {
-    const developerInstructions = getAgentBody(getCtmSyncWorkflowContent(options));
-    return [
-        'name = "ctm_sync"',
-        'description = "Synchronize threat-model and guardrail data to SRAI after security-relevant work."',
-        "developer_instructions = '''",
-        developerInstructions,
-        "'''",
-        '',
-    ].join('\n');
-}
-
 /**
  * Generate Codex workspace rule — appends to AGENTS.md
  */
@@ -106,7 +96,6 @@ export function generate(cwd, options = {}) {
         ...options,
         guardrailsSelectionSkillDir: GUARDRAILS_SELECTION_SKILL_REL_DIR.codex,
         threatModellingSkillDir: THREAT_MODELLING_SKILL_REL_DIR.codex,
-        ctmSyncAgentPath: CTM_SYNC_AGENT_REL_PATH.codex,
     };
     const filePath = join(cwd, '.codex', 'AGENTS.md');
     const content = getRuleContent(optionsWithSkillDirs);
@@ -118,11 +107,7 @@ export function generate(cwd, options = {}) {
         getThreatModellingSkillContent(optionsWithSkillDirs),
     );
 
-    const ctmSyncAgentPath = join(cwd, CTM_SYNC_AGENT_REL_PATH.codex);
-    const ctmSyncAgent = writeGeneratedText(
-        ctmSyncAgentPath,
-        getCodexCtmSyncAgentContent(optionsWithSkillDirs),
-    );
+    const deletedLegacyAgent = removeGeneratedText(join(cwd, '.codex', 'agents', 'ctm_sync.toml'));
 
     const hooksPath = join(cwd, '.codex', 'hooks.json');
     const hooks = writeGeneratedText(hooksPath, getCodexSessionHookContent());
@@ -139,8 +124,8 @@ export function generate(cwd, options = {}) {
     return [
         { filePath, action, kind: 'rule' },
         { ...threatSkill, kind: 'skill' },
-        { ...ctmSyncAgent, kind: 'agent' },
         { ...hooks, kind: 'hooks' },
         { ...guardrailsInit, kind: 'command' },
+        ...(deletedLegacyAgent ? [{ ...deletedLegacyAgent, kind: 'cleanup' }] : []),
     ];
 }

package/src/generators/rules/codex.test.js

@@ -5,7 +5,7 @@ import { test } from 'node:test';
 import assert from 'node:assert/strict';
 import { generate } from './codex.js';
 
-test('Codex generator writes AGENTS, skills, subagent, hooks, and profiling command', () => {
+test('Codex generator writes AGENTS, skills, hooks, and profiling command', () => {
     const cwd = mkdtempSync(join(tmpdir(), 'securityreview-kit-codex-'));
 
     const results = generate(cwd, { projectName: 'SmokeProject' });
@@ -13,7 +13,6 @@ test('Codex generator writes AGENTS, skills, subagent, hooks, and profiling comm
     const expectedPaths = [
         '.codex/AGENTS.md',
         '.codex/skills/threat-modelling/SKILL.md',
-        '.codex/agents/ctm_sync.toml',
         '.codex/hooks.json',
         '.codex/commands/guardrails-init-profile.md',
     ];
@@ -22,12 +21,13 @@ test('Codex generator writes AGENTS, skills, subagent, hooks, and profiling comm
         assert.equal(existsSync(join(cwd, relPath)), true, `${relPath} should exist`);
     }
 
-    assert.deepEqual(results.map((entry) => entry.kind), ['rule', 'skill', 'agent', 'hooks', 'command']);
+    assert.deepEqual(results.map((entry) => entry.kind), ['rule', 'skill', 'hooks', 'command']);
 
     const instructions = readFileSync(join(cwd, '.codex/AGENTS.md'), 'utf8');
     assert.match(instructions, /\.codex\/skills\/guardrails-selection\/SKILL\.md/);
     assert.match(instructions, /\.codex\/skills\/threat-modelling\/SKILL\.md/);
-    assert.match(instructions, /\.codex\/agents\/ctm_sync\.toml/);
+    assert.match(instructions, /sync_ai_ide_markdown/);
+    assert.match(instructions, /vibereview\//);
     assert.doesNotMatch(instructions, /\.cursor/);
     assert.doesNotMatch(instructions, /\.agents\/skills/);
 
@@ -35,22 +35,14 @@ test('Codex generator writes AGENTS, skills, subagent, hooks, and profiling comm
     for (const heading of ['Product', 'Workload', 'Network', 'IAM', 'Secrets', 'Monitoring', 'Supply Chain']) {
         assert.match(threatSkill, new RegExp(heading));
     }
-    assert.match(threatSkill, /\.codex\/agents\/ctm_sync\.toml/);
+    assert.match(threatSkill, /sync_ai_ide_markdown/);
+    assert.match(threatSkill, /vibereview\//);
     assert.doesNotMatch(threatSkill, /get_project_profile_description/);
 
-    const agent = readFileSync(join(cwd, '.codex/agents/ctm_sync.toml'), 'utf8');
-    assert.match(agent, /name = "ctm_sync"/);
-    assert.match(agent, /developer_instructions = '''/);
-    assert.match(agent, /Configured SRAI project name: `SmokeProject`/);
-    assert.match(agent, /sync_ai_ide_markdown/);
-    assert.match(agent, /structured markdown artifact/i);
-    assert.match(agent, /chat_session_id/);
-    assert.match(agent, /Best Practices Achieved/);
-    assert.match(agent, /vibereview\//);
-    assert.doesNotMatch(agent, /Call `create_ai_ide_event` with/i);
-
     const hooks = JSON.parse(readFileSync(join(cwd, '.codex/hooks.json'), 'utf8'));
     assert.equal(hooks.hooks.SessionStart[0].hooks[0].type, 'command');
     assert.equal(hooks.hooks.UserPromptSubmit[0].hooks[0].type, 'command');
     assert.match(hooks.hooks.UserPromptSubmit[0].hooks[0].command, /"hookEventName":"UserPromptSubmit"/);
+    assert.match(hooks.hooks.UserPromptSubmit[0].hooks[0].command, /vibereview/);
+    assert.match(hooks.hooks.UserPromptSubmit[0].hooks[0].command, /sync_ai_ide_markdown/);
 });

package/src/generators/rules/content.js

@@ -50,12 +50,6 @@ function readTemplate(templateFileName, options = {}) {
         '.cursor/skills/threat-modelling',
         options.threatModellingSkillDir,
     );
-    out = injectPathPlaceholder(
-        out,
-        '{{CTM_SYNC_AGENT_PATH}}',
-        '.cursor/agents/ctm_sync.md',
-        options.ctmSyncAgentPath,
-    );
 
     return out;
 }
@@ -74,27 +68,6 @@ export function getProfileCommandContent(options = {}) {
     return readTemplate('srai-profile.md', options);
 }
 
-/**
- * Returns the CTM sync workflow content markdown.
- */
-export function getCtmSyncWorkflowContent(options = {}) {
-    return readTemplate('ctm_sync.md', options);
-}
-
-/**
- * Returns the Cursor CTM sync trigger rule markdown.
- */
-export function getCtmSyncTriggerRuleContent(options = {}) {
-    return readTemplate('ctm_sync_rule.md', options);
-}
-
-/**
- * Returns the Cursor create-ide-workflow command markdown.
- */
-export function getCreateIdeWorkflowCommandContent(options = {}) {
-    return readTemplate('create-ide-workflow.md', options);
-}
-
 /**
  * Returns the threat-modelling skill markdown.
  */

package/src/generators/rules/content.md

@@ -12,7 +12,7 @@ For any task that touches auth, authorization, input handling, secrets, network,
    - Read and follow `{{GUARDRAILS_SELECTION_SKILL_DIR}}/SKILL.md`.
    - Resolve the SRAI project with `find_project_by_name` using `name="<SRAI_PROJECT_NAME>"`.
    - Call `get_guardrails`, shortlist only the relevant project guardrails, then hydrate the exact shortlist with `get_guardrail_by_id`.
-   - Preserve that exact shortlist in context for implementation and CTM sync.
+   - Preserve that exact shortlist in context for implementation and the final VibeReview sync step.
 
 2. **Run PWNISMS threat modelling before implementation.**
    - Read and follow `{{THREAT_MODELLING_SKILL_DIR}}/SKILL.md`.
@@ -26,11 +26,16 @@ For any task that touches auth, authorization, input handling, secrets, network,
    - Use the PWNISMS findings to guide design, validation, authorization, logging, secrets handling, dependency choices, and abuse controls.
    - If PWNISMS reveals a recurring security rule that is not covered by existing guardrails, create and apply an `ide_generated` guardrail in context.
 
-4. **Run CTM sync last.**
-   - After threat modelling is created or updated, or after guardrails are enforced during implementation, invoke the `ctm_sync` agent/workflow.
-   - Use `{{CTM_SYNC_AGENT_PATH}}` for the markdown contract and sync workflow.
-   - Pass the current threat model summary, the stable `chat_session_id`, the exact existing guardrails shortlisted earlier, and any `ide_generated` guardrails so `ctm_sync` can write a structured `.md` artifact for server-side extraction.
-   - Do not re-query guardrails during CTM sync; reuse the shortlist selected before implementation.
+4. **Write and sync the VibeReview markdown last.**
+   - After threat modelling is created or updated, or after guardrails are enforced during implementation, the main agent must write or update a structured `.md` artifact under `vibereview/`.
+   - Do not delegate markdown authoring to a subagent. The same agent that performed the work should author the artifact so the context stays intact.
+   - Use a stable path such as `vibereview/<chat_session_id>-<slugified-title-or-event-name>.md`.
+   - Required frontmatter: `chat_session_id`, `summary`, and either `title` or `event_name`. Optional frontmatter: `workflow_name`, `workflow_description`.
+   - Required sections: `Best Practices Achieved`, `Threats Mitigated`, `Secure Code Snippets`, `Guardrails Applied`, and `OWASP Top 10 2025 Mappings`.
+   - Reuse the exact existing guardrails shortlisted earlier, include any `ide_generated` guardrails, and only include grounded code snippets from actual code.
+   - Validate the markdown before sync: do not leave out `chat_session_id`, `summary`, threat metadata, guardrail satisfaction, or exact OWASP IDs/names.
+   - Call `sync_ai_ide_markdown` directly with the finished markdown artifact before finalizing the task.
+   - If sync fails, keep the file in `vibereview/`, report the failure, and do not pretend synchronization succeeded.
 
 ## When To Skip
 
@@ -42,7 +47,7 @@ If in doubt, run the workflow. A quick PWNISMS pass is better than silently miss
 
 Do not call project-profile exploration tools during normal coding tasks. The old profile walkthrough is no longer part of the agent workflow.
 
-The normal coding workflow is guardrails selection, PWNISMS threat modelling, secure implementation, then CTM sync.
+The normal coding workflow is guardrails selection, PWNISMS threat modelling, secure implementation, then VibeReview markdown sync.
 
 ## Tool Reference
 
@@ -50,5 +55,5 @@ The normal coding workflow is guardrails selection, PWNISMS threat modelling, se
 |---|---|
 | Project resolution | `find_project_by_name`, `list_projects`, `create_project`, `get_project` |
 | Guardrails | `get_guardrails`, `get_guardrail_by_id` |
-| CTM sync | `sync_ai_ide_markdown` |
+| VibeReview sync | `sync_ai_ide_markdown` |
 | Profiler only | `update_vibe_profile`, `write_default_pack` are used by init-time profiling, not normal coding tasks |

package/src/generators/rules/cursor.js

@@ -1,9 +1,8 @@
-import { existsSync } from 'node:fs';
+import { existsSync, unlinkSync } from 'node:fs';
 import { join } from 'node:path';
 import {
     GUARDRAILS_PROFILER_SKILL_REL_DIR,
     GUARDRAILS_SELECTION_SKILL_REL_DIR,
-    CTM_SYNC_AGENT_REL_PATH,
     MCP_SERVER_NAME,
     THREAT_MODELLING_SKILL_REL_DIR,
 } from '../../utils/constants.js';
@@ -11,9 +10,6 @@ import { readJson, writeJson, writeText } from '../../utils/fs-helpers.js';
 import {
     getRuleContent,
     getProfileCommandContent,
-    getCtmSyncWorkflowContent,
-    getCtmSyncTriggerRuleContent,
-    getCreateIdeWorkflowCommandContent,
     getThreatModellingSkillContent,
     getGuardrailsRuleContent,
     getGuardrailsInitProfileContent,
@@ -40,6 +36,14 @@ function writeCursorCommand(filePath, content) {
     return { filePath, action };
 }
 
+function removeGeneratedText(filePath) {
+    if (existsSync(filePath)) {
+        unlinkSync(filePath);
+        return { filePath, action: 'deleted' };
+    }
+    return null;
+}
+
 /**
  * Merge `.cursor/cli.json` so Cursor CLI / Agent auto-allows security-review-mcp tools (no MCP approval prompts).
  * @see https://cursor.com/docs/cli/reference/permissions
@@ -77,24 +81,16 @@ export function generate(cwd, options = {}) {
         ...options,
         guardrailsSelectionSkillDir: GUARDRAILS_SELECTION_SKILL_REL_DIR.cursor,
         threatModellingSkillDir: THREAT_MODELLING_SKILL_REL_DIR.cursor,
-        ctmSyncAgentPath: CTM_SYNC_AGENT_REL_PATH.cursor,
     };
     const baseRulePath = join(cwd, '.cursor', 'rules', 'srai-security-review.mdc');
-    const ctmSyncTriggerRulePath = join(cwd, '.cursor', 'rules', 'ctm_sync_rule.mdc');
     const guardrailsRulePath = join(cwd, '.cursor', 'rules', 'guardrails_rule.mdc');
-    const ctmSyncWorkflowPath = join(cwd, '.cursor', 'commands', 'ctm_sync.md');
-    const ctmSyncAgentPath = join(cwd, '.cursor', 'agents', 'ctm_sync.md');
-    const createIdeWorkflowCommandPath = join(cwd, '.cursor', 'commands', 'create-ide-workflow.md');
     const profileCommandPath = join(cwd, '.cursor', 'commands', 'srai-profile.md');
     const guardrailsInitProfileCommandPath = join(cwd, '.cursor', 'commands', 'guardrails-init-profile.md');
     const skillPath = join(cwd, '.cursor', 'skills', 'threat-modelling', 'SKILL.md');
     const hooksPath = join(cwd, '.cursor', 'hooks.json');
 
     const baseRuleContent = getRuleContent(optionsWithSkillDirs);
-    const ctmSyncTriggerRuleContent = getCtmSyncTriggerRuleContent(optionsWithSkillDirs);
     const guardrailsRuleContent = getGuardrailsRuleContent(optionsWithSkillDirs);
-    const ctmSyncWorkflowContent = getCtmSyncWorkflowContent(optionsWithSkillDirs);
-    const createIdeWorkflowCommandContent = getCreateIdeWorkflowCommandContent(optionsWithSkillDirs);
     const profileCommandContent = getProfileCommandContent(optionsWithSkillDirs);
     const guardrailsInitProfileCommandContent = getGuardrailsInitProfileContent({
         ...optionsWithSkillDirs,
@@ -108,15 +104,17 @@ export function generate(cwd, options = {}) {
         baseRuleContent,
     );
 
-    const ctmSyncTriggerRule = writeCursorCommand(ctmSyncTriggerRulePath, ctmSyncTriggerRuleContent);
     const guardrailsRule = writeCursorRule(
         guardrailsRulePath,
         'Vibe Guardrails — fetch and enforce project-specific secure coding guardrails from SRAI',
         guardrailsRuleContent,
     );
-    const ctmSyncWorkflow = writeCursorCommand(ctmSyncWorkflowPath, ctmSyncWorkflowContent);
-    const ctmSyncAgent = writeCursorCommand(ctmSyncAgentPath, ctmSyncWorkflowContent);
-    const createIdeWorkflowCommand = writeCursorCommand(createIdeWorkflowCommandPath, createIdeWorkflowCommandContent);
+    const deletedLegacyRule = removeGeneratedText(join(cwd, '.cursor', 'rules', 'ctm_sync_rule.mdc'));
+    const deletedLegacyCommand = removeGeneratedText(join(cwd, '.cursor', 'commands', 'ctm_sync.md'));
+    const deletedLegacyAgent = removeGeneratedText(join(cwd, '.cursor', 'agents', 'ctm_sync.md'));
+    const deletedLegacyWorkflowCommand = removeGeneratedText(
+        join(cwd, '.cursor', 'commands', 'create-ide-workflow.md'),
+    );
 
     const profileCommand = writeCursorCommand(profileCommandPath, profileCommandContent);
     const guardrailsInitProfileCommand = writeCursorCommand(
@@ -134,15 +132,15 @@ export function generate(cwd, options = {}) {
 
     return [
         { ...baseRule, kind: 'rule' },
-        { ...ctmSyncTriggerRule, kind: 'rule' },
         { ...guardrailsRule, kind: 'rule' },
-        { ...ctmSyncWorkflow, kind: 'command' },
-        { ...ctmSyncAgent, kind: 'agent' },
-        { ...createIdeWorkflowCommand, kind: 'command' },
         { ...profileCommand, kind: 'command' },
         { ...guardrailsInitProfileCommand, kind: 'command' },
         { filePath: skillPath, action: skillAction, kind: 'skill' },
         { filePath: hooksPath, action: hooksAction, kind: 'hooks' },
         { ...cliPermissions, kind: 'config' },
+        ...(deletedLegacyRule ? [{ ...deletedLegacyRule, kind: 'cleanup' }] : []),
+        ...(deletedLegacyCommand ? [{ ...deletedLegacyCommand, kind: 'cleanup' }] : []),
+        ...(deletedLegacyAgent ? [{ ...deletedLegacyAgent, kind: 'cleanup' }] : []),
+        ...(deletedLegacyWorkflowCommand ? [{ ...deletedLegacyWorkflowCommand, kind: 'cleanup' }] : []),
     ];
 }

package/src/generators/rules/guardrails-selection/SKILL.md

@@ -1,6 +1,6 @@
 ---
 name: guardrails-selection
-description: Analyze the developer request, infer the security categories and likely threats involved, shortlist the most relevant project guardrails, then hydrate the exact guardrails with get_guardrail_by_id before implementation. Use for every security-relevant code task before code is written and preserve the shortlist for CTM sync.
+description: Analyze the developer request, infer the security categories and likely threats involved, shortlist the most relevant project guardrails, then hydrate the exact guardrails with get_guardrail_by_id before implementation. Use for every security-relevant code task before code is written and preserve the shortlist for the final VibeReview sync.
 ---
 
 # Guardrails Selection
@@ -16,7 +16,7 @@ This skill exists to stop the IDE from treating the full `get_guardrails` result
 3. Predict the threats that might occur for this exact task.
 4. Shortlist only the guardrails that mitigate those threats.
 5. Fetch the exact shortlisted guardrails with `get_guardrail_by_id`.
-6. Carry that same shortlist forward into implementation and `ctm_sync`.
+6. Carry that same shortlist forward into implementation and the final VibeReview markdown sync.
 
 Do not skip the analysis step. Do not rely on title-matching alone. Do not dump every guardrail into the final answer.
 
@@ -160,11 +160,11 @@ Once the shortlist is hydrated:
 
 When deciding whether a guardrail applies, prefer security-preserving inclusion over risky omission. If it plausibly mitigates a realistic path to abuse for the current task, keep it in scope.
 
-## CTM Sync Handoff Contract
+## VibeReview Sync Contract
 
-`ctm_sync` must reuse the shortlist from this skill. It must not call `get_guardrails` or `get_guardrail_by_id` again.
+The final sync step must reuse the shortlist from this skill. It must not call `get_guardrails` or `get_guardrail_by_id` again.
 
-Before `ctm_sync` is invoked, ensure the parent context clearly contains:
+Before `sync_ai_ide_markdown` is called, ensure the main agent context clearly contains:
 
 - the exact existing guardrails shortlisted earlier
 - which of them were applied
@@ -182,6 +182,6 @@ A good selection does all of the following:
 - captures adjacent controls that stop bypass chains
 - avoids irrelevant noise
 - produces a small, defensible set of guardrails that can actually guide implementation
-- leaves `ctm_sync` with an exact list of what the IDE selected and enforced
+- leaves the final VibeReview markdown with an exact list of what the IDE selected and enforced
 
 If your shortlist feels generic, it is probably incomplete or over-broad. Re-check the prompt, the code patterns, and the threat map.

package/src/generators/rules/guardrails-selection/references/category-threat-map.md

@@ -229,4 +229,4 @@ Likely threat families:
 - Shortlist for exploit chains, not isolated weaknesses.
 - Logging often matters because poor auditability can turn spoofing, tampering, or privilege abuse into repudiation.
 - Client-side logic often needs server-side guardrails even if the visible change is in the UI.
-- If no existing guardrail covers a realistic recurring threat, create an `ide_generated` guardrail and carry it into `ctm_sync`.
+- If no existing guardrail covers a realistic recurring threat, create an `ide_generated` guardrail and carry it into the final VibeReview markdown sync.

package/src/generators/rules/guardrails_rule.md

@@ -34,7 +34,7 @@ That skill is mandatory because the IDE must not leave guardrail selection to ch
 - **Load the broad catalog** — call `get_guardrails` with `project_id`.
 - **Shortlist intentionally** — choose only the guardrails that mitigate the categories and likely threats for the current task.
 - **Hydrate the exact shortlist** — call `get_guardrail_by_id` for the shortlisted guardrail ids so implementation uses the exact selected guardrails, not a vague reading of the full catalog.
-- **Preserve the shortlist** — keep the selected existing guardrails in context so `ctm_sync` can include the same guardrails later without re-querying.
+- **Preserve the shortlist** — keep the selected existing guardrails in context so the final VibeReview markdown can include the same guardrails later without re-querying.
 
 The broad `get_guardrails` result is only the candidate catalog. The active implementation guardrails must come from the shortlisted `get_guardrail_by_id` result.
 
@@ -63,7 +63,7 @@ Guardrails and PWNISMS are complementary:
 
 - Guardrails provide **project-specific, concrete rules** derived from prior threat reviews, compliance requirements, and team decisions.
 - PWNISMS provides **universal threat-category coverage** to catch gaps that guardrails may not yet cover.
-- When PWNISMS analysis reveals a gap not covered by any existing guardrail, **create a new guardrail on the fly** and apply it immediately (marked `source: "ide_generated"` in CTM sync).
+- When PWNISMS analysis reveals a gap not covered by any existing guardrail, **create a new guardrail on the fly** and apply it immediately (marked `source: "ide_generated"` in the VibeReview markdown).
 
 ### 4. Report guardrail compliance
 
@@ -71,7 +71,7 @@ After code generation, include a brief guardrails compliance summary:
 
 - List which guardrails were applied (by title), distinguishing existing vs IDE-generated.
 - Flag any guardrails that could not be fully satisfied and explain why.
-- Do not drop shortlisted existing guardrails from session context. `ctm_sync` must receive the same shortlist, including any unsatisfied items with notes.
+- Do not drop shortlisted existing guardrails from session context. The final VibeReview markdown must include the same shortlist, including any unsatisfied items with notes.
 
 ---
 
@@ -79,9 +79,9 @@ After code generation, include a brief guardrails compliance summary:
 
 Guardrails are living artifacts. The IDE agent can create, apply, and update them:
 
-- **New guardrail**: When threat modeling or code review reveals a recurring security pattern not yet captured, the IDE agent creates and applies a new guardrail on the fly. These are reported to SRAI via CTM sync with `source: "ide_generated"`.
+- **New guardrail**: When threat modeling or code review reveals a recurring security pattern not yet captured, the IDE agent creates and applies a new guardrail on the fly. These are reported to SRAI in the final VibeReview markdown with `source: "ide_generated"`.
 - **Edit suggestion**: When an existing guardrail is too broad, too narrow, or outdated, suggest an update to the user.
-- All guardrails — existing and IDE-generated — must be preserved in the CTM sync markdown under a single `Guardrails Applied` section that the server can normalize into `guardrails_applied`.
+- All guardrails — existing and IDE-generated — must be preserved in the VibeReview markdown under a single `Guardrails Applied` section that the server can normalize into `guardrails_applied`.
 
 ---
 

package/src/generators/rules/hooks.json

@@ -3,7 +3,7 @@
   "hooks": {
     "sessionStart": [
       {
-        "command": "printf '%s\\n' '{\"additional_context\":\"## MANDATORY SECURITY GATE (Session Policy)\\n\\nFor ANY user request that has security impact (auth, crypto, input handling, secrets, network, data storage, dependencies, new APIs/endpoints, or any code handling untrusted data):\\n\\n**Plan order:**\\n1. **Fetch Vibe Guardrails (first)** - Use .cursor/skills/guardrails-selection/SKILL.md. Analyze the task, call get_guardrails from security-review-mcp to load the broad catalog, shortlist the relevant guardrails, then call get_guardrail_by_id for the shortlist. These exact shortlisted guardrails are the hard constraints on generated code.\\n2. **PWNISMS threat modeling (second)** - Run threat modeling as a guide before writing code. Use .cursor/skills/threat-modelling/SKILL.md. Cross-reference guardrails with PWNISMS findings to identify gaps. Document findings to inform secure implementation.\\n3. **Implement secure code (third)** - Use the threat model findings AND shortlisted guardrails as guides to create secure code. Every must guardrail must be satisfied; no must_not guardrail may be violated.\\n4. **ctm_sync (last)** - Write a structured `.md` sync artifact and push it to SRAI only after implementation is done. Invoke ctm_sync agent (Task tool, subagent_type=ctm_sync) as the final step. Include the exact shortlisted guardrails from earlier plus any IDE-generated guardrails in the markdown; do not query again during ctm_sync. See .cursor/agents/ctm_sync.md and .cursor/rules/ctm_sync_rule.mdc.\\n\\nNo blocking. No deferral. Guardrails enforce secure code; threat modeling guides the design; ctm_sync runs last to sync the markdown artifact to SRAI. Both ctm_sync and guardrail compliance are mandatory and should be part of your to-do.\"}'",
+        "command": "printf '%s\\n' '{\"additional_context\":\"## MANDATORY SECURITY GATE (Session Policy)\\n\\nFor ANY user request that has security impact (auth, crypto, input handling, secrets, network, data storage, dependencies, new APIs/endpoints, or any code handling untrusted data):\\n\\n**Plan order:**\\n1. **Fetch Vibe Guardrails (first)** - Use .cursor/skills/guardrails-selection/SKILL.md. Analyze the task, call get_guardrails from security-review-mcp to load the broad catalog, shortlist the relevant guardrails, then call get_guardrail_by_id for the shortlist. These exact shortlisted guardrails are the hard constraints on generated code.\\n2. **PWNISMS threat modeling (second)** - Run threat modeling as a guide before writing code. Use .cursor/skills/threat-modelling/SKILL.md. Cross-reference guardrails with PWNISMS findings to identify gaps. Document findings to inform secure implementation.\\n3. **Implement secure code (third)** - Use the threat model findings AND shortlisted guardrails as guides to create secure code. Every must guardrail must be satisfied; no must_not guardrail may be violated.\\n4. **VibeReview sync (last)** - The main agent must write a structured `.md` artifact under `vibereview/`, validate that all required metadata and sections are present, and call `sync_ai_ide_markdown` directly after implementation is done. Include the exact shortlisted guardrails from earlier plus any IDE-generated guardrails in the markdown; do not query guardrails again during sync.\\n\\nNo blocking. No deferral. Guardrails enforce secure code; threat modeling guides the design; the main agent owns the final markdown sync to SRAI. Both sync and guardrail compliance are mandatory and should be part of your to-do.\"}'",
         "timeout": 5
       }
     ]

package/src/generators/rules/skill.md

@@ -1,6 +1,6 @@
 ---
 name: PWNISMS Threat Modelling
-description: Security-first threat modelling workflow for code and architecture tasks. Walks all 7 PWNISMS categories, enforces vibe guardrails (secure by code), and synchronizes findings via CTM sync. Use before, during, and after implementation.
+description: Security-first threat modelling workflow for code and architecture tasks. Walks all 7 PWNISMS categories, enforces vibe guardrails (secure by code), and synchronizes findings via a direct VibeReview markdown sync. Use before, during, and after implementation.
 ---
 
 # PWNISMS — Security-First Threat Modelling
@@ -21,7 +21,7 @@ Before deep analysis, ensure the project-specific guardrail shortlist exists:
 1. Use `{{GUARDRAILS_SELECTION_SKILL_DIR}}/SKILL.md`.
 2. Resolve the project with `find_project_by_name` using `name="<SRAI_PROJECT_NAME>"`.
 3. Call `get_guardrails`, shortlist intentionally for this task, then hydrate the exact shortlist with `get_guardrail_by_id`.
-4. Keep the shortlisted existing guardrails in context for implementation and `ctm_sync`.
+4. Keep the shortlisted existing guardrails in context for implementation and the final VibeReview markdown sync.
 
 Do not perform project-profile exploration as part of PWNISMS. The old profile tools are not part of this workflow. Ground the threat model in the user request, repository code, diffs, architecture docs the user provides, and the shortlisted guardrails.
 
@@ -160,7 +160,7 @@ After completing the PWNISMS analysis and before writing code:
    - `must` rules → mandatory implementation requirements. Every applicable `must` guardrail must be satisfied.
    - `must_not` rules → hard prohibitions. Code must never violate an applicable `must_not` guardrail.
 4. **Flag conflicts** — If a guardrail conflicts with the user's explicit instruction, flag it and ask for confirmation.
-5. **Create new guardrails on the fly** — When PWNISMS analysis or code review reveals a recurring security pattern not captured by existing guardrails, create and apply it as a new guardrail (marked `source: "ide_generated"` in CTM sync). Include `title`, `rule_type` (must/must_not), `category`, `instruction`, and rationale in the notes.
+5. **Create new guardrails on the fly** — When PWNISMS analysis or code review reveals a recurring security pattern not captured by existing guardrails, create and apply it as a new guardrail (marked `source: "ide_generated"` in the VibeReview markdown). Include `title`, `rule_type` (must/must_not), `category`, `instruction`, and rationale in the notes.
 
 ---
 
@@ -197,19 +197,19 @@ When discussing designs before code exists:
 
 ---
 
-## Phase 5 — CTM Sync (Post Threat Modelling)
+## Phase 5 — VibeReview Sync (Post Threat Modelling)
 
-**MANDATORY:** After every threat modeling step that produces or modifies threat content, synchronize via `ctm_sync`.
+**MANDATORY:** After every threat modeling step that produces or modifies threat content, the main agent must update the `vibereview/*.md` artifact and call `sync_ai_ide_markdown` directly.
 
-### What triggers CTM sync
+### What triggers the VibeReview sync
 
 - New threat model generated (any form: scenarios, data flows, attack trees, PWNISMS analysis)
 - Existing threat model updated or extended (new threats, refined mitigations, additional components)
 - Guardrails applied during a code-generation task (existing or IDE-generated)
 
-### What CTM sync uploads
+### What the VibeReview markdown must contain
 
-The `ctm_sync` agent writes a structured `.md` artifact and uploads it through `sync_ai_ide_markdown`. That markdown should contain:
+The main agent writes a structured `.md` artifact under `vibereview/` and uploads it through `sync_ai_ide_markdown`. That markdown should contain:
 
 - **Threat model findings**: threats mitigated, PWNISMS categories, severities, mitigations applied
 - **Best practices achieved**: security patterns followed during implementation
@@ -217,14 +217,23 @@ The `ctm_sync` agent writes a structured `.md` artifact and uploads it through `
 - **Guardrails applied**: all guardrails enforced during this session — both existing ones shortlisted earlier via `get_guardrails` + `get_guardrail_by_id` (`source: "existing"`) and new ones the IDE agent created on the fly (`source: "ide_generated"`), each with satisfaction status
 - **Workflow metadata**: `chat_session_id`, `event_name` or `title`, required `summary`, and optional `workflow_name` / `workflow_description`
 
-### How to invoke
-
-Use the host's `ctm_sync` agent/workflow with:
-- A clear description of what was threat-modeled
-- The `chat_session_id` for workflow routing
-- Whether this is a new threat model or an update
-
-See `{{CTM_SYNC_AGENT_PATH}}` for the full workflow and markdown schema.
+### How to sync
+
+1. Write or update a file under `vibereview/`, ideally `vibereview/<chat_session_id>-<slugified-title-or-event-name>.md`.
+2. Put `chat_session_id`, `summary`, and either `title` or `event_name` in frontmatter.
+3. Include the required sections:
+   - `Best Practices Achieved`
+   - `Threats Mitigated`
+   - `Secure Code Snippets`
+   - `Guardrails Applied`
+   - `OWASP Top 10 2025 Mappings`
+4. Validate that:
+   - every threat entry includes `threat_name`, `pwnisms_category`, `severity`, and `mitigation_applied`
+   - every guardrail includes `title`, `rule_type`, `source`, and `satisfied`
+   - OWASP mappings use exact IDs and names
+   - snippets are grounded in actual code, not invented text
+5. Call `sync_ai_ide_markdown` directly with the finished markdown artifact.
+6. If sync fails, leave the artifact in `vibereview/` and report the failure clearly.
 
 ---
 
@@ -239,6 +248,6 @@ Before finalizing output, confirm:
 - [ ] Residual risk and follow-up actions are stated.
 - [ ] Vibe guardrails were fetched and enforced (all applicable `must`/`must_not` rules satisfied).
 - [ ] Guardrail compliance summary is included in the response (existing + IDE-generated).
-- [ ] CTM sync was invoked to upload threat model and guardrail data.
+- [ ] The VibeReview markdown was written under `vibereview/` and `sync_ai_ide_markdown` was called successfully.
 
 If ANY box cannot be checked, you MUST flag the gap to the user with a specific remediation recommendation before finalizing the code.

package/src/generators/rules/vscode.js

@@ -1,12 +1,11 @@
-import { existsSync } from 'node:fs';
+import { existsSync, unlinkSync } from 'node:fs';
 import { join } from 'node:path';
 import {
-    CTM_SYNC_AGENT_REL_PATH,
     GUARDRAILS_SELECTION_SKILL_REL_DIR,
     THREAT_MODELLING_SKILL_REL_DIR,
 } from '../../utils/constants.js';
 import { upsertSentinelBlock, writeText } from '../../utils/fs-helpers.js';
-import { getCtmSyncWorkflowContent, getRuleContent, getThreatModellingSkillContent } from './content.js';
+import { getRuleContent, getThreatModellingSkillContent } from './content.js';
 
 function writeGeneratedText(filePath, content) {
     const action = existsSync(filePath) ? 'updated' : 'created';
@@ -14,6 +13,14 @@ function writeGeneratedText(filePath, content) {
     return { filePath, action };
 }
 
+function removeGeneratedText(filePath) {
+    if (existsSync(filePath)) {
+        unlinkSync(filePath);
+        return { filePath, action: 'deleted' };
+    }
+    return null;
+}
+
 function getCopilotSessionHookContent() {
     const additionalContext = [
         '## MANDATORY SECURITY GATE (Session Policy)',
@@ -23,9 +30,9 @@ function getCopilotSessionHookContent() {
         '1. Fetch Vibe Guardrails first using .github/skills/guardrails-selection/SKILL.md. Resolve the project, call get_guardrails, shortlist relevant guardrails, then call get_guardrail_by_id for the shortlist.',
         '2. Run PWNISMS threat modelling using .github/skills/threat-modelling/SKILL.md. Explicitly walk Product, Workload, Network, IAM, Secrets, Monitoring, and Supply Chain.',
         '3. Implement secure code using both the hydrated guardrails and PWNISMS findings.',
-        '4. Run the ctm_sync custom agent using .github/agents/ctm_sync.agent.md after threat modelling or guardrail enforcement. Reuse the exact guardrail shortlist; do not re-query guardrails during CTM sync. The agent should write a structured .md sync artifact and upload it with sync_ai_ide_markdown.',
+        '4. Write a structured .md artifact under vibereview/, validate it, and call sync_ai_ide_markdown directly after threat modelling or guardrail enforcement. Reuse the exact guardrail shortlist; do not re-query guardrails during the final sync.',
         '',
-        'Do not use project-profile exploration tools during normal coding tasks. No blocking and no deferral: guardrails first, PWNISMS second, implementation third, ctm_sync last.',
+        'Do not use project-profile exploration tools during normal coding tasks. No blocking and no deferral: guardrails first, PWNISMS second, implementation third, VibeReview sync last.',
     ].join('\n');
 
     const commandPayload = JSON.stringify({
@@ -60,7 +67,6 @@ export function generate(cwd, options = {}) {
         ...options,
         guardrailsSelectionSkillDir: GUARDRAILS_SELECTION_SKILL_REL_DIR.vscode,
         threatModellingSkillDir: THREAT_MODELLING_SKILL_REL_DIR.vscode,
-        ctmSyncAgentPath: CTM_SYNC_AGENT_REL_PATH.vscode,
     };
     const filePath = join(cwd, '.github', 'copilot-instructions.md');
     const content = getRuleContent(optionsWithSkillDirs);
@@ -72,11 +78,7 @@ export function generate(cwd, options = {}) {
         getThreatModellingSkillContent(optionsWithSkillDirs),
     );
 
-    const ctmSyncAgentPath = join(cwd, CTM_SYNC_AGENT_REL_PATH.vscode);
-    const ctmSyncAgent = writeGeneratedText(
-        ctmSyncAgentPath,
-        getCtmSyncWorkflowContent(optionsWithSkillDirs),
-    );
+    const deletedLegacyAgent = removeGeneratedText(join(cwd, '.github', 'agents', 'ctm_sync.agent.md'));
 
     const hooksPath = join(cwd, '.github', 'hooks', 'srai-session-policy.json');
     const hooks = writeGeneratedText(hooksPath, getCopilotSessionHookContent());
@@ -84,7 +86,7 @@ export function generate(cwd, options = {}) {
     return [
         { filePath, action, kind: 'rule' },
         { ...threatSkill, kind: 'skill' },
-        { ...ctmSyncAgent, kind: 'agent' },
         { ...hooks, kind: 'hooks' },
+        ...(deletedLegacyAgent ? [{ ...deletedLegacyAgent, kind: 'cleanup' }] : []),
     ];
 }

package/src/generators/rules/vscode.test.js

@@ -5,7 +5,7 @@ import { test } from 'node:test';
 import assert from 'node:assert/strict';
 import { generate } from './vscode.js';
 
-test('VS Code Copilot generator writes instructions, skills, agent, and hooks', () => {
+test('VS Code Copilot generator writes instructions, skills, and hooks', () => {
     const cwd = mkdtempSync(join(tmpdir(), 'securityreview-kit-vscode-'));
 
     const results = generate(cwd, { projectName: 'SmokeProject' });
@@ -13,7 +13,6 @@ test('VS Code Copilot generator writes instructions, skills, agent, and hooks',
     const expectedPaths = [
         '.github/copilot-instructions.md',
         '.github/skills/threat-modelling/SKILL.md',
-        '.github/agents/ctm_sync.agent.md',
         '.github/hooks/srai-session-policy.json',
     ];
 
@@ -21,29 +20,25 @@ test('VS Code Copilot generator writes instructions, skills, agent, and hooks',
         assert.equal(existsSync(join(cwd, relPath)), true, `${relPath} should exist`);
     }
 
-    assert.deepEqual(results.map((entry) => entry.kind), ['rule', 'skill', 'agent', 'hooks']);
+    assert.deepEqual(results.map((entry) => entry.kind), ['rule', 'skill', 'hooks']);
 
     const instructions = readFileSync(join(cwd, '.github/copilot-instructions.md'), 'utf8');
     assert.match(instructions, /\.github\/skills\/guardrails-selection\/SKILL\.md/);
     assert.match(instructions, /\.github\/skills\/threat-modelling\/SKILL\.md/);
-    assert.match(instructions, /\.github\/agents\/ctm_sync\.agent\.md/);
+    assert.match(instructions, /sync_ai_ide_markdown/);
+    assert.match(instructions, /vibereview\//);
     assert.doesNotMatch(instructions, /\.cursor/);
 
     const threatSkill = readFileSync(join(cwd, '.github/skills/threat-modelling/SKILL.md'), 'utf8');
     for (const heading of ['Product', 'Workload', 'Network', 'IAM', 'Secrets', 'Monitoring', 'Supply Chain']) {
         assert.match(threatSkill, new RegExp(heading));
     }
-    assert.match(threatSkill, /\.github\/agents\/ctm_sync\.agent\.md/);
+    assert.match(threatSkill, /sync_ai_ide_markdown/);
+    assert.match(threatSkill, /vibereview\//);
     assert.doesNotMatch(threatSkill, /get_project_profile_description/);
 
-    const agent = readFileSync(join(cwd, '.github/agents/ctm_sync.agent.md'), 'utf8');
-    assert.match(agent, /Configured SRAI project name: `SmokeProject`/);
-    assert.match(agent, /sync_ai_ide_markdown/);
-    assert.match(agent, /structured markdown artifact/i);
-    assert.match(agent, /OWASP Top 10 2025 Mappings/);
-    assert.match(agent, /vibereview\//);
-    assert.doesNotMatch(agent, /Call `create_ai_ide_event` with/i);
-
     const hooks = JSON.parse(readFileSync(join(cwd, '.github/hooks/srai-session-policy.json'), 'utf8'));
     assert.equal(hooks.hooks.SessionStart[0].type, 'command');
+    assert.match(hooks.hooks.SessionStart[0].command, /vibereview/);
+    assert.match(hooks.hooks.SessionStart[0].command, /sync_ai_ide_markdown/);
 });

package/src/utils/constants.js

@@ -83,13 +83,5 @@ export const THREAT_MODELLING_SKILL_REL_DIR = {
     codex: '.codex/skills/threat-modelling',
 };
 
-/** Relative workspace paths for the CTM sync agent/workflow (per IDE / CLI). */
-export const CTM_SYNC_AGENT_REL_PATH = {
-    cursor: '.cursor/agents/ctm_sync.md',
-    claude: '.claude/agents/ctm_sync.md',
-    vscode: '.github/agents/ctm_sync.agent.md',
-    codex: '.codex/agents/ctm_sync.toml',
-};
-
 export const SENTINEL_START = '<!-- securityreview-kit:start -->';
 export const SENTINEL_END = '<!-- securityreview-kit:end -->';

package/src/generators/rules/create-ide-workflow.md

@@ -1,34 +0,0 @@
----
-name: create-ide-workflow
-description: Create an AI IDE workflow in SRAI via security-review-mcp.
----
-
-# Create IDE Workflow
-
-Use `security-review-mcp` to create a workflow by calling:
-
-- `create_ai_ide_workflow`
-
-Required payload fields:
-
-- `project_id`
-- `name`
-- `description`
-
-## Steps
-
-1. Resolve `project_id`.
-   - Use configured project name `<SRAI_PROJECT_NAME>` by default.
-   - Call `find_project_by_name` with `name="<SRAI_PROJECT_NAME>"`.
-   - If not found, call `list_projects` and select the right project.
-2. Build `name` and `description` from the user request.
-   - Keep `name` short and action-oriented.
-   - Keep `description` specific about trigger and output.
-3. Call `create_ai_ide_workflow` with:
-   - `project_id`
-   - `name`
-   - `description`
-4. Return a concise confirmation including:
-   - project id
-   - workflow name
-   - workflow id from MCP response (if returned)

package/src/generators/rules/ctm_sync.md

@@ -1,215 +0,0 @@
----
-name: ctm_sync
-description: Command/workflow triggered whenever a threat model is generated or updated, or guardrails are proposed/modified. Writes a grounded AI IDE sync markdown file and uploads it through security-review-mcp.
----
-
-# CTM Sync Workflow
-
-Configured SRAI project name: `<SRAI_PROJECT_NAME>`
-
-When invoked:
-
-0. Verify `sync_ai_ide_markdown` exists in `security-review-mcp`.
-1. Read the parent agent context and extract the latest threat model details, guardrail outcomes, and grounded code snippets from the actual work completed in this session.
-2. **Chat session identity (required)** — The markdown MUST include a stable `chat_session_id` for the current IDE chat session:
-   - Use a session identifier supplied by the host environment when one exists (for example, the IDE conversation or session id).
-   - If none exists, use a single UUID (or equivalent) generated **once** at the start of this chat and reused for every `ctm_sync` in the same session.
-   - Put `chat_session_id` in frontmatter whenever possible. The value must exist somewhere in the markdown even if frontmatter is unavailable.
-3. **Create a structured markdown artifact** — `ctm_sync` is now a thin sync shim. Do not build a JSON payload and do not perform workflow lookup or creation client-side. Instead, write a `.md` file under `vibereview/` so all sync artifacts stay in one predictable place. Create the directory if it does not already exist. The markdown file should give the server everything it needs to extract the structured event.
-4. **Populate the markdown with grounded content**:
-   - Include the exact shortlisted existing guardrails selected earlier plus any `ide_generated` guardrails created during the session.
-   - Use real code snippets from the files changed or inspected in this session. Never invent code or mitigation text.
-   - Keep threat names, severities, PWNISMS categories, guardrail satisfaction, and OWASP mappings aligned with the actual work performed.
-5. **Upload the markdown**:
-   - Call `sync_ai_ide_markdown` with the markdown artifact.
-   - The server is responsible for normalizing author identity, deriving a workflow name from the title when needed, and extracting structured output from the markdown.
-6. **Stop there** — Do not call `create_ai_ide_event`, `create_ai_ide_workflow`, or client-side user identity tools from `ctm_sync`.
-
----
-
-## Markdown Contract
-
-The markdown file must be a `.md` document written under `vibereview/`, with frontmatter when available and clear, structured sections underneath. Keep the structure deterministic so the server can parse it reliably.
-
-Recommended path pattern:
-
-```text
-vibereview/<chat_session_id>-<slugified-title-or-event-name>.md
-```
-
-If a safe filename cannot be derived, use any stable `.md` filename inside `vibereview/`.
-
-### Frontmatter
-
-Use YAML frontmatter at the top of the file whenever possible:
-
-```yaml
----
-chat_session_id: "<required stable session id>"
-workflow_name: "<optional short workflow name>"
-workflow_description: "<optional workflow description>"
-title: "<required event title if event_name is omitted>"
-event_name: "<required event name if title is omitted>"
-summary: "<required concise summary>"
----
-```
-
-Rules:
-
-- `chat_session_id` must exist somewhere in the markdown, but frontmatter is preferred.
-- `workflow_name` is optional. If omitted, the server derives it from the title.
-- `workflow_description` is optional.
-- Either `event_name` or `title` must exist. Including both is allowed.
-- `summary` must exist.
-- `developer_name` and `developer_email` in the markdown are ignored. The server always uses the authenticated API user.
-
-### Body sections
-
-Use clear Markdown headings. The exact wording below is preferred because it keeps parsing simple and consistent.
-
-#### Best Practices Achieved
-
-Use plain bullet strings:
-
-```md
-## Best Practices Achieved
-
-- Enforced server-side authorization before updating workflow state.
-- Used parameterized queries for threat-model persistence.
-```
-
-Internally the server accepts both `best_practises_achieved` and `best_practices_achieved`, but authored markdown should prefer a normal `Best Practices Achieved` section with bullets.
-
-#### Threats Mitigated
-
-Each threat entry should include all of the following:
-
-- `threat_name`
-- `pwnisms_category`
-- `severity`
-- `mitigation_applied`
-- grounded code snippet info if available
-
-Preferred structure:
-
-```md
-## Threats Mitigated
-
-### Threat 1
-- threat_name: Missing authorization check on workflow sync endpoint
-- pwnisms_category: IAM
-- severity: High
-- mitigation_applied: Added server-side authorization before allowing markdown sync writes.
-- file_path: src/routes/sync.js
-- language: javascript
-- snippet: |
-    if (!user || !user.canSyncWorkflows) {
-      throw new ForbiddenError('Not allowed to sync workflow markdown');
-    }
-- explanation: Prevents unauthorized users from creating or updating AI IDE sync events.
-```
-
-Notes:
-
-- Snippets must be real code from the repo or actual generated output, not invented text.
-- If no code snippet exists for a threat, omit the snippet block and explain the mitigation in prose.
-
-#### Secure Code Snippets
-
-Include security-relevant snippets that may or may not map 1:1 with a threat:
-
-```md
-## Secure Code Snippets
-
-### Snippet 1
-- file_path: src/server/markdown-sync.ts
-- language: typescript
-- snippet: |
-    const markdown = await fs.readFile(inputPath, 'utf8');
-    await securityReview.syncAiIdeMarkdown({ markdown });
-- explanation: Sends the structured markdown artifact directly to the server-side sync pipeline.
-```
-
-#### Guardrails Applied
-
-Each guardrail should include:
-
-- `title`
-- `rule_type` as `must` or `must_not`
-- `source` as `existing` or `ide_generated`
-- `satisfied` as `true` or `false`
-
-Preferred structure:
-
-```md
-## Guardrails Applied
-
-### Guardrail 1
-- title: Enforce authorization on workflow updates
-- rule_type: must
-- category: authorization
-- instruction: Require an authenticated, authorized user before mutating workflow records.
-- source: existing
-- satisfied: true
-- notes: Applied in the server-side markdown sync handler.
-```
-
-The exact shortlist from earlier in the session must be carried forward. Do not call `get_guardrails` or `get_guardrail_by_id` inside `ctm_sync`.
-
-#### OWASP Top 10 2025 Mappings
-
-Use exact IDs and names:
-
-```md
-## OWASP Top 10 2025 Mappings
-
-- A01: Broken Access Control
-- A04: Cryptographic Failures
-```
-
-Allowed values:
-
-| ID | Name |
-|---|---|
-| `A01` | Broken Access Control |
-| `A02` | Security Misconfiguration |
-| `A03` | Software Supply Chain Failures |
-| `A04` | Cryptographic Failures |
-| `A05` | Injection |
-| `A06` | Insecure Design |
-| `A07` | Authentication Failures |
-| `A08` | Software or Data Integrity Failures |
-| `A09` | Security Logging and Alerting Failures |
-| `A10` | Mishandling of Exceptional Conditions |
-
----
-
-## Constraints
-
-- The artifact written by `ctm_sync` must be a `.md` file under `vibereview/`.
-- `chat_session_id` must never be omitted.
-- `summary` must never be omitted.
-- `event_name` or `title` must exist.
-- `workflow_name` and `workflow_description` are optional.
-- `developer_name` and `developer_email` should not influence sync behavior; the server ignores them.
-- Every threat entry must include `threat_name`, `pwnisms_category`, `severity`, and `mitigation_applied`.
-- PWNISMS categories must match the supported set: `Product`, `Workload`, `Network`, `IAM`, `Secrets`, `Monitoring`, `Supply Chain`.
-- `severity` should be one of `Critical`, `High`, `Medium`, or `Low`.
-- Guardrails must include `title`, `rule_type`, `source`, and `satisfied`.
-- `rule_type` must be `must` or `must_not`.
-- `source` must be `existing` or `ide_generated`.
-- `satisfied` must be `true` or `false`.
-- OWASP mappings must use the exact IDs and names listed above.
-- Snippets must be grounded in real code. Never fabricate examples just to fill the markdown.
-- Do not call client-side workflow creation, event creation, or developer identity tools from `ctm_sync`.
-
----
-
-## Output Contract
-
-- Never skip sync when a threat model or guardrail-compliance update exists.
-- Never invent missing values; omit optional fields or use concise prose when exact structured data is unavailable.
-- Return a compact confirmation after upload including:
-  - the markdown file path used for sync, which should point inside `vibereview/`
-  - whether `workflow_name` was explicit or left for server-side derivation
-  - count of guardrails included (existing vs IDE-generated)

package/src/generators/rules/ctm_sync_rule.md

@@ -1,88 +0,0 @@
----
-description: ctm_sync agent trigger rule
-alwaysApply: true
----
-# Continuous Threat Modeling Sync (`ctm_sync`)
-
-**Always synchronize threat models and guardrail compliance after they are (re)generated.**
-
-Any time an AI agent:
-- generates a **new threat model**, or  
-- **updates** an existing threat model, or  
-- performs a **non-trivial extension** of an existing threat model (e.g., adds new threat scenarios, countermeasures, data flows, or components), or
-- **applies vibe guardrails** during a code-generation task (existing or IDE-generated) and has guardrail compliance data to report,
-
-it **must immediately call** the `ctm_sync` agent to synchronize the latest threat modeling state and guardrail data.
-
-This rule applies regardless of:
-- which methodology is used (PWNISMS, STRIDE, OWASP, etc.),
-- which skill or MCP was used to produce the threat model, and
-- whether the threat model is partial, incremental, or "draft" form.
-
-If in doubt — **assume this rule applies**.
-
----
-
-## When this rule applies
-
-This rule is **triggered** whenever the assistant:
-
-- **Produces a threat model** in any form, such as:
-  - Threat scenarios (even a short list)
-  - Data flow diagrams or component diagrams described in text
-  - Security objectives or misuse cases
-  - Attack trees or abuse cases
-  - Structured PWNISMS analysis
-- **Extends or refines** an earlier threat model, e.g.:
-  - "Add more threats for the Payments service"
-  - "Update the data flow for the auth system"
-  - "Refine the mitigations for threat X"
-- **Enforces guardrails** during code generation and has compliance data:
-  - Guardrails were shortlisted via the guardrails-selection workflow (`get_guardrails` + `get_guardrail_by_id`) and applied to generated code
-  - New guardrails were created by the IDE agent based on gaps found
-  - Existing guardrails were flagged as unsatisfiable or conflicting
-
-This includes both:
-- Threat modeling done **directly in this conversation**, and  
-- Threat modeling done by calling **MCP tools or skills** that output threat scenarios, countermeasures, data dictionaries, or other CTM artifacts.
-
----
-
-## Required behavior
-
-**After completing any threat modeling step that produces or modifies threat content, or any code-generation step where guardrails were enforced, the assistant must:**
-
-1. **Ensure threat modeling output is finalized for this step**
-
-   - The assistant should finish producing the current threat modeling content (threat scenarios, components, data dictionaries, etc.) in the user-visible message or via tools.
-   - The assistant should not call `ctm_sync` *before* the threat model content exists; it must be called **after** threat data for this step is available.
-
-2. **Immediately call the `ctm_sync` agent**
-
-   - Use the `Task` tool (or equivalent agent launcher) with `subagent_type="ctm_sync"`.
-   - **Session routing:** In the prompt (or structured handoff), always include the **current chat's stable `chat_session_id`** — the same id for every `ctm_sync` in this conversation, and a new id for a different chat. Use the IDE/session id when exposed; otherwise generate one UUID at the start of the chat and reuse it. This ensures SRAI attaches events to the correct per-session workflow.
-   - Provide a clear, concise description in the `description`/`prompt` fields explaining:
-     - What system or component the threat model covers
-     - Whether this is a new threat model or an update
-     - Where the latest threat content can be found (e.g., "from this conversation" or "from the last threat modeling step")
-     - The `chat_session_id` value to use for this sync
-     - Whether guardrails were applied (existing and/or IDE-generated)
-     - That `ctm_sync` should write a structured `.md` artifact and upload it via `sync_ai_ide_markdown`
-   - **Do NOT include developer name or email in the handoff prompt.** Any identity fields in the markdown are ignored server-side; the authenticated API user is authoritative.
-
-   **Example invocation (conceptual, not literal code):**
-
-   Use Task tool with:
-   - subagent_type: "ctm_sync"
-   - description: "Sync latest threat model for <system/component>"
-   - prompt: Brief summary of what was threat-modeled, what artifacts were produced (threat scenarios, countermeasures, components, data dictionary, guardrails applied/proposed, etc.), and that the agent should write the sync markdown and upload it accordingly.
-   - readonly: false (it must be allowed to write/update CTM data)
-
-3. Let `ctm_sync` complete its work
-   The assistant should wait for the ctm_sync agent to complete (or reach a healthy steady state) before declaring the threat-modeling step fully done.
-   If ctm_sync returns errors that can be reasonably fixed (e.g., missing project name), the assistant should fix the issue and retry once, if possible.
-
-Acknowledge completion to the user
-After ctm_sync completes, the assistant should briefly tell the user that:
-Threat modeling is finished for this step, and
-The results have been synchronized via ctm_sync (without leaking internal tooling details beyond what is appropriate for the user's context).