@sixsevenai/ai-dlc-installer 1.2.2 → 1.2.4

package/library/agents/intent-clarifier.md

@@ -259,6 +259,101 @@ Options:
 - Let me specify: "I have specific exclusions in mind"
 ```
 
+**Integration Landscape Questions** (if integration needs unclear):
+```
+Question: "What existing systems does this need to integrate with?"
+Options:
+- Internal APIs: "Connects to our own backend services or databases"
+- Third-party SaaS: "Integrates with external platforms (Salesforce, Stripe, etc.)"
+- Legacy systems: "Must interface with older systems (mainframe, SOAP, file drops)"
+- Standalone: "No integrations needed — this operates independently"
+```
+
+```
+Question: "What does the data flow look like between systems?"
+Options:
+- Inbound only: "We consume data from other systems"
+- Outbound only: "We push data to other systems"
+- Bidirectional: "Data flows both directions with sync requirements"
+- Event-driven: "Systems communicate through events/messages asynchronously"
+```
+
+**Data Governance & Privacy Questions** (if data handling unclear):
+```
+Question: "What kind of data will this system handle?"
+Options:
+- PII: "Names, emails, addresses, phone numbers — personally identifiable info"
+- Financial: "Payment data, account numbers, transaction records"
+- Health/Medical: "Patient records, diagnoses, treatment data (PHI)"
+- Non-sensitive: "Operational data with no privacy implications"
+```
+
+```
+Question: "What compliance or data regulations apply?"
+Options:
+- GDPR: "Serves EU users — data residency, right to erasure, consent tracking"
+- HIPAA: "Handles protected health information — audit trails, encryption, BAAs"
+- SOC 2: "Enterprise SaaS — security controls, access logging, incident response"
+- Industry-specific: "PCI-DSS, FERPA, CCPA, or other sector regulation"
+```
+
+**Security Posture Questions** (if security requirements unclear):
+```
+Question: "What authentication model does this need?"
+Options:
+- SSO/OIDC: "Integrate with existing identity provider (Azure AD, Okta, Auth0)"
+- Custom auth: "Build our own authentication (username/password, MFA)"
+- API keys: "Service-to-service authentication via API keys or tokens"
+- Mixed: "Different auth for different user types or access patterns"
+```
+
+```
+Question: "What level of audit trail is required?"
+Options:
+- Full audit: "Every action logged with who, what, when — regulatory requirement"
+- Change tracking: "Track data modifications and user actions for troubleshooting"
+- Basic logging: "Standard application logs for debugging and monitoring"
+- Minimal: "No specific audit requirements beyond standard observability"
+```
+
+**Scalability & Growth Questions** (if scale expectations unclear):
+```
+Question: "What's the expected user/load scale at launch?"
+Options:
+- Small: "Under 100 concurrent users, low transaction volume"
+- Medium: "100-1,000 concurrent users, moderate throughput"
+- Large: "1,000-10,000 concurrent users, high throughput requirements"
+- Enterprise-scale: "10,000+ concurrent users, needs horizontal scaling from day one"
+```
+
+```
+Question: "How do you expect usage to grow over the next 12 months?"
+Options:
+- Steady: "Predictable, gradual growth — no spikes expected"
+- Rapid ramp: "Aggressive rollout — doubling or tripling within 6 months"
+- Seasonal/burst: "Predictable peaks (holidays, end-of-quarter, campaigns)"
+- Unknown: "New market — can't predict adoption curve yet"
+```
+
+**Migration & Transition Questions** (if replacing existing systems):
+```
+Question: "Does this replace an existing system or process?"
+Options:
+- Full replacement: "Retiring an existing system completely"
+- Partial replacement: "Replacing specific functionality while keeping the rest"
+- Net new: "No existing system — this is greenfield"
+- Augmentation: "Adding capability alongside existing systems that stay"
+```
+
+```
+Question: "If replacing something, how should users transition?"
+Options:
+- Big bang: "Hard cutover on a target date — old system goes away"
+- Phased rollout: "Migrate users/features incrementally over weeks/months"
+- Parallel running: "Run both systems simultaneously during transition period"
+- Not applicable: "This is greenfield, no migration needed"
+```
+
 **Anti-Pattern - DO NOT DO THIS**:
 ```
 ❌ WRONG: Outputting all questions as text:
@@ -343,6 +438,36 @@ Present recommendations:
 **Budget**: [If known]
 **Compliance**: [e.g., "HIPAA compliance required"]
 
+## Integration Landscape
+**Systems**: [List specific systems this integrates with]
+**Data Flow**: [Inbound, outbound, bidirectional, event-driven]
+**Protocols/APIs**: [REST, gRPC, SOAP, file-based, message queues]
+**Ownership**: [Who owns the APIs/contracts we depend on?]
+
+## Data & Compliance
+**Data Classification**: [PII, financial, health/PHI, non-sensitive]
+**Regulations**: [GDPR, HIPAA, SOC 2, PCI-DSS, CCPA, none]
+**Data Residency**: [Geographic requirements for data storage]
+**Retention**: [How long must data be kept? Deletion requirements?]
+
+## Security Requirements
+**Authentication**: [SSO/OIDC provider, custom auth, API keys]
+**Authorization**: [RBAC, ABAC, tenant isolation requirements]
+**Audit Trail**: [Full audit, change tracking, basic logging]
+**Encryption**: [At rest, in transit, field-level requirements]
+
+## Scale & Growth
+**Launch Scale**: [Concurrent users, transaction volume, data size]
+**12-Month Growth**: [Expected trajectory — steady, rapid, seasonal]
+**Multi-tenancy**: [Single-tenant, multi-tenant, tenant isolation needs]
+**Geographic**: [Single region, multi-region, CDN requirements]
+
+## Migration & Transition
+**Replaces**: [System being replaced, or "greenfield"]
+**Transition Strategy**: [Big bang, phased, parallel running]
+**Data Migration**: [Volume, complexity, transformation needs]
+**Rollback Plan**: [How to revert if transition fails]
+
 ## Scope
 
 ### In Scope
@@ -409,6 +534,10 @@ Present recommendations:
 **Don't**: Accept "it should be fast" or "users should like it"
 **Do**: Require measurable success criteria
 
+### Surface-Level Answers
+**Don't**: Accept "yes, there are compliance requirements" or "it needs to scale"
+**Do**: Probe for specifics — which regulations, what user counts, which systems, what data types
+
 ### Path Invention
 **Don't**: Create your own file path for the artifact
 **Do**: Use ONLY the enforced `outputPath` from your prompt
@@ -423,6 +552,11 @@ Intent is complete when:
 - [ ] Constraints are documented and realistic
 - [ ] Out-of-scope items prevent scope creep
 - [ ] Stakeholders are identified
+- [ ] Integration touchpoints identified with specific systems named
+- [ ] Data classification and applicable regulations documented
+- [ ] Authentication model and audit requirements specified
+- [ ] Scale expectations quantified with actual numbers
+- [ ] Migration strategy defined (or confirmed greenfield)
 - [ ] Saved to EXACT enforced path
 
 ## Integration Points

package/library/commands/ai-dlc/analyze-refinement-scope.md

@@ -64,7 +64,7 @@ ai-dlc prepare ai-dlc:analyze-refinement-scope
   "agentContext": {
     "sessionId": "20251219-001",
     "phase": "cross-cutting",
-    "workflowState": "artifacts/workflows/state/workflow-wf-20251219-001-state.json",
+    "workflowState": "artifacts/workflows/state/workflow-wf-greenfield-project-20251219-001-state.json",
     "feedbackPath": "artifacts/refinement/feedback-20251219-001.md",
     "minConfidence": 0.8
   }

package/library/commands/ai-dlc/apply-refinements.md

@@ -69,7 +69,7 @@ ai-dlc prepare ai-dlc:apply-refinements
     "refinementType": "same_phase",
     "targetSteps": ["design-ui", "generate-code"],
     "dependentSteps": ["build-tests"],
-    "workflowState": "artifacts/workflows/state/workflow-wf-20251219-001-state.json",
+    "workflowState": "artifacts/workflows/state/workflow-wf-greenfield-project-20251219-001-state.json",
     "dryRun": false,
     "autoCommit": true
   }

package/library/commands/ai-dlc/archive-session.md

@@ -74,7 +74,7 @@ ai-dlc prepare ai-dlc:archive-session --id 20251219-001
       "artifacts/construction/logical-designs/logical-design-unit-auth-20251219-001.md",
       "artifacts/construction/bolts/bolt-unit-auth-001-20251219-001.md",
       "artifacts/operations/runbooks/runbook-api-20251219-001.md",
-      "artifacts/workflows/state/workflow-wf-20251219-001-state.json",
+      "artifacts/workflows/state/workflow-wf-greenfield-project-20251219-001-state.json",
       "artifacts/sessions/session-20251219-001.md"
     ],
     "totalFiles": 10,
@@ -129,8 +129,8 @@ Execute archival:
 5. MOVE ARTIFACT FILES
    - Move (not copy) each file to its mirrored location in archive
    - Preserve exact relative path from artifacts/ root
-   - Example: `artifacts/workflows/state/workflow-wf-20251219-001-state.json`
-           → `artifacts/archive/{folder}/workflows/state/workflow-wf-20251219-001-state.json`
+   - Example: `artifacts/workflows/state/workflow-wf-greenfield-project-20251219-001-state.json`
+           → `artifacts/archive/{folder}/workflows/state/workflow-wf-greenfield-project-20251219-001-state.json`
 6. GENERATE README.md - Session summary, key findings, next steps
 7. GENERATE METRICS.md - Detailed statistics, quality assessment
 8. UPDATE SESSION STATE - Mark as archived, clear active session
@@ -203,7 +203,7 @@ artifacts/archive/{date}-{meaningful-name}/
 |-------------------|-------------------|
 | `artifacts/inception/intent-20251219-001.md` | `artifacts/archive/20251219-payment/inception/intent-20251219-001.md` |
 | `artifacts/construction/domain-models/domain-model-unit-auth-20251219-001.md` | `artifacts/archive/20251219-payment/construction/domain-models/domain-model-unit-auth-20251219-001.md` |
-| `artifacts/workflows/state/workflow-wf-20251219-001-state.json` | `artifacts/archive/20251219-payment/workflows/state/workflow-wf-20251219-001-state.json` |
+| `artifacts/workflows/state/workflow-wf-greenfield-project-20251219-001-state.json` | `artifacts/archive/20251219-payment/workflows/state/workflow-wf-greenfield-project-20251219-001-state.json` |
 | `artifacts/sessions/session-20251219-001.md` | `artifacts/archive/20251219-payment/sessions/session-20251219-001.md` |
 
 ## Archive Naming Convention
@@ -222,7 +222,7 @@ artifacts/archive/{date}-{meaningful-name}/
 ### File Matching
 Files are matched by checking if the **filename** contains the session ID:
 - Session ID: `20251219-001`
-- Matches: `intent-20251219-001.md`, `workflow-wf-20251219-001-state.json`, `session-20251219-001.md`
+- Matches: `intent-20251219-001.md`, `workflow-wf-greenfield-project-20251219-001-state.json`, `session-20251219-001.md`
 - Does NOT match: `20251218-001` (different session), `workflow-config.json` (no session ID)
 
 ### Supported File Types

package/library/commands/ai-dlc/build-tests.md

@@ -1,5 +1,5 @@
 ---
-name: build-tests
+command: ai-dlc:build-tests
 description: Generate comprehensive test suites (unit, integration, E2E) for generated code
 phase: construction
 agent: unit-test-builder
@@ -42,33 +42,9 @@ Generate comprehensive test suites for production code.
 
 **MANDATORY**: Use the Task tool to spawn the unit-test-builder subagent. Do NOT execute test generation in this context.
 
-Use Task tool with these parameters:
+Use Task tool with:
 - **subagent_type**: `unit-test-builder`
-- **prompt**: See Subagent Prompt below
-
-## Subagent Prompt
-
-```
-User is generating tests for Unit.
-Unit: ${unit-name}
-Test Type: ${type || 'all'}
-Framework: ${framework || 'xunit'}
-
-Execute the full test generation workflow:
-
-1. LOAD DOMAIN MODEL - Read domain model for behavior understanding
-2. SCAN SOURCE CODE - Identify all classes, methods, and interfaces
-3. GENERATE UNIT TESTS - Create xUnit/NUnit tests with mocking
-4. GENERATE INTEGRATION TESTS - Create service-level tests
-5. GENERATE E2E TESTS - Create Playwright/Stagehand tests for user flows
-6. GENERATE TEST FIXTURES - Create test data and helpers
-7. CONFIGURE COVERAGE - Set up coverage collection
-8. VALIDATE TESTS COMPILE - Run dotnet build on tests
-9. SAVE TEST FILES - Save to tests/{TestType}/{UnitName}/
-
-Output to: tests/
-Session ID format: YYYYMMDD-NNN
-```
+- **prompt**: Include the EXACT `outputPath` and context files from Step 1
 
 ## Syntax
 
@@ -153,19 +129,51 @@ ai-dlc verify ai-dlc:build-tests "tests/Unit/Checkout/"
 | Source Code | Yes | Checks `src/Units/{UnitName}/` exists |
 | Domain Model | Recommended | Used for behavior verification |
 
-## Agent Delegation
+## Subagent Prompt
 
-This command delegates to the `unit-test-builder` agent:
+```
+Generate tests for Unit: ${unit-id}
 
-```markdown
-Generate tests for Unit: {unit-name}
 **CRITICAL: OUTPUT PATH IS ENFORCED**
-You MUST generate tests in EXACTLY this directory: {outputPath}
-Session ID: {sessionId}
-Source Code Path: {sourceCodePath}
-Domain Model Path: {domainModelPath}
-Test Type: {testType}
-Framework: {framework}
+You MUST generate tests in EXACTLY this directory: ${outputPath}
+Session ID: ${agentContext.sessionId}
+
+**CONTEXT FILES TO READ:**
+- Source Code: ${agentContext.sourceCodePath}
+- Domain Model: ${agentContext.domainModelPath}
+
+Do NOT create files at any other location.
+
+REQUIREMENTS:
+1. Read context artifacts from provided paths
+2. For unit ${unit-id}, execute the full test generation workflow:
+   - LOAD DOMAIN MODEL - Read domain model for behavior understanding
+   - SCAN SOURCE CODE - Identify all classes, methods, and interfaces
+   - GENERATE UNIT TESTS - Create xUnit/NUnit tests with mocking
+   - GENERATE INTEGRATION TESTS - Create service-level tests
+   - GENERATE E2E TESTS - Create Playwright/Stagehand tests for user flows
+   - GENERATE TEST FIXTURES - Create test data and helpers
+   - CONFIGURE COVERAGE - Set up coverage collection
+   - VALIDATE TESTS COMPILE - Run dotnet build on tests
+3. Test Type: ${agentContext.testType}
+4. Framework: ${agentContext.framework}
+5. Save to EXACTLY the enforced output path
+
+OUTPUT FORMAT:
+Generate comprehensive test suites including:
+- Unit tests with mocking and assertions
+- Integration tests for service interactions
+- E2E tests for user workflows
+- Test fixtures and helpers
+- Coverage configuration
+
+## Next Steps
+- Run /ai-dlc:review-code ${unit-id} to review code and tests
+- Run /ai-dlc:complete-bolt to complete the current bolt
+
+**POST-COMPLETION**: The orchestrator will run:
+  ai-dlc verify ai-dlc:build-tests ${outputPath}
+If verification fails, you may be asked to correct the artifact.
 ```
 
 ## Test Types

package/library/commands/ai-dlc/code-skeptic.md

@@ -0,0 +1,358 @@
+---
+command: ai-dlc:code-skeptic
+description: Critical analysis of code, designs, and approaches - challenges assumptions, discovers edge cases, identifies risks
+phase: construction
+agent: code-skeptic
+tools: Read, Write, Edit, Glob, Grep
+activation_keywords: skeptic, challenge, assumptions, edge cases, stress test, critical analysis
+requires_unit: true
+---
+
+# /ai-dlc:code-skeptic
+
+## CRITICAL: User-Facing Output Rules
+
+**NEVER output internal CLI commands to users.**
+
+When presenting next steps to the user, ALWAYS use slash commands:
+- `/ai-dlc:review-code`
+- `/ai-dlc:complete-bolt`
+- `/ai-dlc:generate-code`
+- `/ai-dlc:build-tests`
+- `/ai-dlc:code-skeptic`
+- `/ai-dlc:validate-phase construction`
+
+All CLI commands in this document are for your internal execution only - never show them to users.
+
+---
+
+> **ENFORCEMENT REQUIRED** - This command uses TypeScript enforcement
+> ```bash
+> ai-dlc prepare ai-dlc:code-skeptic --unit ${unit-name}  # BEFORE agent
+> ai-dlc verify ai-dlc:code-skeptic <path> --unit ${unit-name}  # AFTER agent
+> ```
+> **DO NOT** skip enforcement. **DO NOT** let agents pick their own paths.
+
+Perform critical skeptical analysis of code, designs, and approaches. Challenges assumptions, discovers edge cases, identifies risks, and stress-tests thinking through structured questioning frameworks.
+
+## Syntax
+
+```bash
+/ai-dlc:code-skeptic <unit-name> [--focus all|assumptions|edge-cases|failures|scalability|integration|alternatives] [--severity red-flag|concern|all]
+```
+
+---
+
+## ENFORCEMENT INTEGRATION (MANDATORY)
+
+**STEP 1: PREPARE (Before Agent)**
+
+Run the TypeScript enforcement to validate and get the output path:
+
+```bash
+ai-dlc prepare ai-dlc:code-skeptic --unit unit-checkout
+```
+
+This returns JSON like:
+```json
+{
+  "canProceed": true,
+  "outputPath": "artifacts/construction/reviews/skeptic-unit-checkout-20251219-001.md",
+  "agentContext": {
+    "sessionId": "20251219-001",
+    "phase": "construction",
+    "unitName": "unit-checkout",
+    "sourceCodePath": "src/Units/Checkout/",
+    "testsPath": "tests/Unit/Checkout/",
+    "domainModelPath": "artifacts/construction/domain-models/domain-model-unit-checkout-20251219-001.md"
+  }
+}
+```
+
+**IF `canProceed: false`** → **STOP IMMEDIATELY**. Do NOT spawn the agent.
+
+**Error Handling - Example Error Response:**
+```json
+{
+  "canProceed": false,
+  "validation": {
+    "blocked": true,
+    "errors": [{
+      "code": "MISSING_SOURCE_CODE",
+      "message": "No source code found for unit-checkout",
+      "suggestion": "Run /ai-dlc:generate-code unit-checkout first"
+    }]
+  }
+}
+```
+
+**Display the error message and suggestion to the user. DO NOT proceed.**
+
+**Blocking Conditions:**
+- `NO_SESSION` - No active session exists. Run `/ai-dlc:start-intent` first.
+- `UNIT_NOT_FOUND` - Unit not found. Check unit name.
+- `MISSING_SOURCE_CODE` - No source code found. Run `/ai-dlc:generate-code` first.
+
+### STEP 2: SPAWN AGENT (With Enforced Path)
+
+**ONLY if `canProceed: true`** from Step 1.
+
+Use Task tool with:
+- **subagent_type**: `code-skeptic`
+- **prompt**: Include the EXACT `outputPath` and context files from Step 1
+
+### STEP 3: VERIFY (After Agent)
+
+After the agent completes, **ALWAYS** run verification:
+
+```bash
+ai-dlc verify ai-dlc:code-skeptic "artifacts/construction/reviews/skeptic-unit-checkout-20251219-001.md" --unit unit-checkout
+```
+
+**Expected Success Response:**
+```json
+{
+  "valid": true,
+  "blocked": false,
+  "errors": [],
+  "warnings": [],
+  "confidenceScore": 72,
+  "redFlags": 1,
+  "concerns": 4,
+  "observations": 7
+}
+```
+
+**IF `valid: false`** → Report the error. The agent did not create the artifact correctly.
+
+---
+
+## Context Isolation: Required
+
+**MANDATORY**: Use the Task tool to spawn the code-skeptic subagent. Do NOT execute skeptical analysis in this context.
+
+Use Task tool with:
+- **subagent_type**: `code-skeptic`
+- **prompt**: Include the EXACT `outputPath` and context files from Step 1
+
+## Subagent Prompt
+
+```
+Perform skeptical analysis for Unit: ${unit-name}
+
+**CRITICAL: OUTPUT PATH IS ENFORCED**
+You MUST create the Skeptic Report artifact at EXACTLY this path: ${outputPath}
+Session ID: ${agentContext.sessionId}
+
+**CONTEXT FILES TO READ:**
+- Source Code: ${agentContext.sourceCodePath}
+- Tests: ${agentContext.testsPath}
+- Domain Model: ${agentContext.domainModelPath}
+
+Do NOT create files at any other location.
+
+REQUIREMENTS:
+1. Read context artifacts from provided paths
+2. Execute critical skeptical analysis across 6 dimensions:
+
+   a. ASSUMPTION CHALLENGES - Identify hidden assumptions in the code/design.
+      What beliefs are baked in? What if they're wrong? What constraints are assumed
+      but never validated? Are there unstated dependencies on external behavior?
+
+   b. EDGE CASES - Discover boundary conditions, null/empty cases, race conditions,
+      off-by-one errors. What inputs were never considered? What happens at limits
+      (0, 1, MAX, overflow)? What about concurrent access patterns?
+
+   c. FAILURE MODES - What happens when things go wrong? Missing error paths?
+      Unhandled exceptions? Partial failures in multi-step operations? Data corruption
+      scenarios? Recovery mechanisms? What if external dependencies fail?
+
+   d. SCALABILITY CONCERNS - Will this approach hold under load? What are the
+      bottlenecks? Memory growth patterns? Database query performance at scale?
+      Connection pool exhaustion? Queue depth limits?
+
+   e. INTEGRATION RISKS - How does this interact with existing code? Breaking changes?
+      Contract violations? Side effects on shared state? Migration path concerns?
+      API compatibility? Dependency version conflicts?
+
+   f. DESIGN ALTERNATIVES - Are there simpler or more robust approaches? Is this
+      over-engineered? Under-engineered? Would a different pattern reduce risk?
+      What would a minimal viable approach look like?
+
+3. For each finding, assign a severity:
+   - RED FLAG: Must address before proceeding (blocks progress)
+   - CONCERN: Should address before merge (significant risk)
+   - OBSERVATION: Consider for future improvement (minor risk)
+
+4. Focus Dimensions: ${focus || 'all'}
+5. Severity Filter: ${severity || 'all'}
+6. Save to EXACTLY the enforced output path
+
+OUTPUT FORMAT:
+# Skeptic Report: ${unit-name}
+
+## Session
+- **Session ID**: ${agentContext.sessionId}
+- **Created**: {ISO timestamp}
+- **Phase**: construction
+- **Unit**: ${unit-name}
+
+## Confidence Score: {0-100}
+
+## Red Flags Summary
+{list of red flags if any}
+
+## Dimension Analysis
+
+### 1. Assumption Challenges
+{findings with severity}
+
+### 2. Edge Cases
+{findings with severity}
+
+### 3. Failure Modes
+{findings with severity}
+
+### 4. Scalability Concerns
+{findings with severity}
+
+### 5. Integration Risks
+{findings with severity}
+
+### 6. Design Alternatives
+{findings with severity}
+
+## Risk Scenarios
+{concrete scenarios with likelihood}
+
+## Suggested Mitigations
+{mitigations for each finding}
+
+## Questions for Developer
+{open questions}
+
+## Next Steps
+- Run /ai-dlc:review-code ${unit-name} for formal code review
+- Run /ai-dlc:complete-bolt ${unit-name} if analysis passed
+
+**POST-COMPLETION**: The orchestrator will run:
+  ai-dlc verify ai-dlc:code-skeptic ${outputPath} --unit ${unit-name}
+If verification fails, you may be asked to correct the artifact.
+```
+
+---
+
+## The 6 Skeptic Dimensions
+
+| # | Dimension | Focus Areas |
+|---|-----------|-------------|
+| 1 | **Assumption Challenges** | Hidden beliefs, unstated constraints, unvalidated dependencies |
+| 2 | **Edge Cases** | Boundary conditions, null/empty inputs, race conditions, overflow |
+| 3 | **Failure Modes** | Error paths, partial failures, recovery, data corruption |
+| 4 | **Scalability Concerns** | Load behavior, bottlenecks, memory growth, connection limits |
+| 5 | **Integration Risks** | Breaking changes, contract violations, side effects, migration |
+| 6 | **Design Alternatives** | Simpler approaches, over/under-engineering, minimal viable options |
+
+## Severity Levels
+
+| Level | Label | Description | Action |
+|-------|-------|-------------|--------|
+| **Red Flag** | `RED FLAG` | Fundamental risk that could cause failure | MUST address before proceeding |
+| **Concern** | `CONCERN` | Significant risk that weakens the solution | SHOULD address before merge |
+| **Observation** | `OBSERVATION` | Minor risk or improvement opportunity | CONSIDER for future iteration |
+
+## Confidence Score
+
+The Confidence Score (0-100) represents how confident the skeptic is that the code/design is sound:
+
+| Score | Interpretation | Recommendation |
+|-------|---------------|----------------|
+| **90-100** | Very high confidence, minimal risk | Proceed with confidence |
+| **75-89** | Good confidence, manageable risks | Address concerns, then proceed |
+| **50-74** | Moderate confidence, notable risks | Address red flags and concerns before proceeding |
+| **25-49** | Low confidence, significant risks | Major rework or redesign recommended |
+| **0-24** | Very low confidence, fundamental issues | Stop and reassess approach entirely |
+
+## Prerequisites
+
+| Prerequisite | Required | CLI Check |
+|-------------|----------|-----------|
+| Active Session | Yes | `ai-dlc session status` |
+| Unit Exists | Yes | Validates against units artifact |
+| Source Code | Yes | Checks source path exists |
+| Design Artifacts | Recommended | Domain models, API designs, etc. |
+
+## Output
+
+The agent produces a skeptic report at the enforced output path:
+- Confidence Score (0-100)
+- Dimension-by-dimension findings with severity labels
+- Red Flags summary with required actions
+- Concrete risk scenarios with likelihood
+- Suggested mitigations for each finding
+- Open questions for the developer
+
+## Examples
+
+```bash
+# Full 6-dimension skeptical analysis
+/ai-dlc:code-skeptic unit-checkout
+
+# Focus on edge cases and failure modes
+/ai-dlc:code-skeptic unit-checkout --focus edge-cases
+
+# Only show red flags
+/ai-dlc:code-skeptic unit-checkout --severity red-flag
+
+# Focus on scalability concerns
+/ai-dlc:code-skeptic unit-checkout --focus scalability
+
+# Analyze integration risks before merging
+/ai-dlc:code-skeptic unit-checkout --focus integration
+```
+
+## Blocking Conditions
+
+| Condition | Error Code | Resolution |
+|-----------|------------|------------|
+| No session | `NO_SESSION` | Run `/ai-dlc:start-intent` first |
+| Unit not found | `UNIT_NOT_FOUND` | Check unit name |
+| No source code | `MISSING_SOURCE_CODE` | Run `/ai-dlc:generate-code` first |
+
+## Post-Analysis Checklist
+
+After skeptical analysis:
+- [ ] Red flags reviewed and acknowledged
+- [ ] Concerns triaged (fix now vs. defer)
+- [ ] Edge cases added to test plan
+- [ ] Failure modes documented with mitigation strategy
+- [ ] Design alternatives evaluated
+- [ ] Open questions answered or escalated
+
+## Next Steps
+
+After skeptical analysis:
+```bash
+# Address findings and run a formal code review
+/ai-dlc:review-code unit-checkout
+
+# If analysis passed with high confidence, complete the bolt
+/ai-dlc:complete-bolt unit-checkout
+
+# Re-run skeptic after addressing findings
+/ai-dlc:code-skeptic unit-checkout
+```
+
+---
+
+## Internal CLI Commands (DO NOT OUTPUT TO USER)
+
+> **REMINDER**: These commands are for internal orchestration only. Never show CLI commands to users.
+
+| Purpose | CLI Command |
+|---------|-------------|
+| Before Agent | `ai-dlc prepare ai-dlc:code-skeptic --unit <name>` |
+| Agent Prompt | Include `outputPath` and context files |
+| After Agent | `ai-dlc verify ai-dlc:code-skeptic <path> --unit <name>` |
+| Path | `ai-dlc path ai-dlc:code-skeptic --unit <name>` |
+| Troubleshoot | `ai-dlc session status` |

package/library/commands/ai-dlc/collect-refinement-feedback.md

@@ -64,7 +64,7 @@ ai-dlc prepare ai-dlc:collect-refinement-feedback --phase construction
     "allowCrossPhase": true,
     "refinementCycle": 1,
     "maxCycles": 3,
-    "workflowState": "artifacts/workflows/state/workflow-wf-20251219-001-state.json"
+    "workflowState": "artifacts/workflows/state/workflow-wf-greenfield-project-20251219-001-state.json"
   }
 }
 ```