@slamb2k/mad-skills 2.0.44 → 2.0.46

package/.claude-plugin/marketplace.json

@@ -18,6 +18,21 @@
       "category": "development",
       "homepage": "https://github.com/slamb2k/mad-skills",
       "tags": ["planning", "tdd", "architecture", "llm-review", "implementation"]
+    },
+    {
+      "name": "squiz",
+      "description": "Browser automation that works on Windows, WSL, remote VMs, and macOS — no Chrome extension required. Token-efficient agent-browser CLI with context isolation.",
+      "author": {
+        "name": "slamb2k",
+        "url": "https://github.com/slamb2k"
+      },
+      "source": {
+        "source": "github",
+        "repo": "slamb2k/squiz"
+      },
+      "category": "browser-automation",
+      "homepage": "https://github.com/slamb2k/squiz",
+      "tags": ["browser", "automation", "testing", "scraping", "screenshots"]
     }
   ]
 }

package/.claude-plugin/plugin.json

@@ -1,7 +1,7 @@
 {
   "name": "mad-skills",
   "description": "AI-assisted planning, development and governance tools",
-  "version": "2.0.44",
+  "version": "2.0.46",
   "author": {
     "name": "slamb2k",
     "url": "https://github.com/slamb2k"

package/hooks/lib/config.cjs

@@ -53,4 +53,17 @@ module.exports = {
   pythonFiles: ['pyproject.toml', 'requirements.txt', 'setup.py'],
 
   taskList: { minCommits: 20, minFiles: 30 },
+
+  pluginHealth: {
+    claudeMem: {
+      maxObservations: 20,
+      maxSessionCount: 5,
+      recommendedSkipTools: [
+        'Read', 'Glob', 'Grep', 'ToolSearch', 'Agent', 'WebSearch', 'WebFetch',
+      ],
+    },
+    hookify: {
+      rulePattern: /^hookify\..*\.local\.md$/,
+    },
+  },
 };

package/hooks/lib/git-checks.cjs

@@ -1,10 +1,15 @@
 'use strict';
 
 const { existsSync } = require('fs');
-const { join, dirname, basename } = require('path');
+const { join, dirname, basename, resolve } = require('path');
 const config = require('./config.cjs');
 const { git, readJson, countFiles } = require('./utils.cjs');
 
+/** Normalize path separators for reliable comparison on Windows. */
+function normalizePath(p) {
+  return resolve(p).replace(/\\/g, '/');
+}
+
 /**
  * Validate git repository state.
  * Returns { gitRoot: string|null }.
@@ -25,7 +30,7 @@ function checkGit(projectDir, output) {
     return { gitRoot: null };
   }
 
-  if (gitRoot !== projectDir) {
+  if (normalizePath(gitRoot) !== normalizePath(projectDir)) {
     checkNestedGit(projectDir, gitRoot, output);
   }
 
@@ -33,11 +38,12 @@ function checkGit(projectDir, output) {
 }
 
 function checkNestedGit(projectDir, gitRoot, output) {
-  // Calculate depth
+  // Calculate depth — normalize separators for reliable comparison on Windows
   let depth = 0;
-  let check = projectDir;
-  while (check !== gitRoot && check !== '/') {
-    check = dirname(check);
+  let check = normalizePath(projectDir);
+  const normalizedRoot = normalizePath(gitRoot);
+  while (check !== normalizedRoot && check !== '/' && depth < 20) {
+    check = normalizePath(dirname(check));
     depth++;
   }
 

package/hooks/lib/plugin-health.cjs

@@ -0,0 +1,107 @@
+'use strict';
+
+const { join } = require('path');
+const { homedir } = require('os');
+const { readdirSync } = require('fs');
+const config = require('./config.cjs');
+const state = require('./state.cjs');
+const { readJson } = require('./utils.cjs');
+
+/**
+ * Plugin Health — detect performance anti-patterns in companion plugins.
+ *
+ * Checks:
+ *   - Hookify enabled with no rules (pure overhead)
+ *   - claude-mem missing SKIP_TOOLS for read-only tools
+ *   - claude-mem context injection too high (when OMC also active)
+ *
+ * Signals are weight=0 (informational only, won't trigger staleness prompt).
+ */
+
+function checkPluginHealth(projectDir, output) {
+  const prefs = state.loadPrefs(projectDir);
+  if (prefs.pluginHealthDismissed) return;
+
+  const settings = readJson(join(homedir(), '.claude', 'settings.json'));
+  if (!settings) return; // No global settings — nothing to check
+
+  const plugins = settings.enabledPlugins || {};
+
+  checkHookify(projectDir, plugins, output);
+  checkClaudeMem(plugins, output);
+}
+
+// ─── hookify ──────────────────────────────────────────────────────────
+
+function checkHookify(projectDir, plugins, output) {
+  const hookifyKey = Object.keys(plugins).find(k => k.includes('hookify'));
+  if (!hookifyKey || plugins[hookifyKey] !== true) return; // Not enabled
+
+  // Count rule files in project .claude/ directory
+  let ruleCount = 0;
+  try {
+    const projectClaudeDir = join(projectDir, '.claude');
+    const files = readdirSync(projectClaudeDir);
+    ruleCount = files.filter(f => config.pluginHealth.hookify.rulePattern.test(f)).length;
+  } catch { /* directory doesn't exist — zero rules */ }
+
+  // Also check global .claude/ directory
+  try {
+    const globalClaudeDir = join(homedir(), '.claude');
+    const files = readdirSync(globalClaudeDir);
+    ruleCount += files.filter(f => config.pluginHealth.hookify.rulePattern.test(f)).length;
+  } catch { /* noop */ }
+
+  if (ruleCount === 0) {
+    output.signals.push(
+      '\u26A0 Hookify enabled but no rules configured \u2014 fires on every tool call for nothing. Run /brace or disable in settings',
+    );
+  }
+}
+
+// ─── claude-mem ───────────────────────────────────────────────────────
+
+function checkClaudeMem(plugins, output) {
+  const memKey = Object.keys(plugins).find(k => k.includes('claude-mem'));
+  if (!memKey || plugins[memKey] !== true) return; // Not enabled
+
+  const memSettings = readJson(join(homedir(), '.claude-mem', 'settings.json'));
+  if (!memSettings) return; // No settings file
+
+  // Check SKIP_TOOLS for read-only tools
+  const currentSkip = (memSettings.CLAUDE_MEM_SKIP_TOOLS || '')
+    .split(',')
+    .map(t => t.trim())
+    .filter(Boolean);
+
+  const missing = config.pluginHealth.claudeMem.recommendedSkipTools
+    .filter(t => !currentSkip.includes(t));
+
+  if (missing.length > 0) {
+    output.signals.push(
+      `\u26A0 claude-mem observing read-only tools (${missing.join(', ')}) \u2014 run /brace to optimise`,
+    );
+  }
+
+  // Check context injection levels (only flag if OMC is also active)
+  const omcKey = Object.keys(plugins).find(k => k.includes('oh-my-claudecode'));
+  const omcEnabled = omcKey && plugins[omcKey] === true;
+
+  if (omcEnabled) {
+    const obs = parseInt(memSettings.CLAUDE_MEM_CONTEXT_OBSERVATIONS, 10);
+    if (!isNaN(obs) && obs > config.pluginHealth.claudeMem.maxObservations) {
+      output.signals.push(
+        `\u26A0 claude-mem CONTEXT_OBSERVATIONS=${obs} (recommended \u226420) \u2014 may bloat session context`,
+      );
+    }
+
+    const sessions = parseInt(memSettings.CLAUDE_MEM_CONTEXT_SESSION_COUNT, 10);
+    if (!isNaN(sessions) && sessions > config.pluginHealth.claudeMem.maxSessionCount) {
+      output.signals.push(
+        `\u26A0 claude-mem CONTEXT_SESSION_COUNT=${sessions} (recommended \u22645) \u2014 may bloat session context`,
+      );
+    }
+  }
+}
+
+module.exports = { checkPluginHealth };

package/hooks/lib/state.cjs

@@ -1,6 +1,6 @@
 'use strict';
 
-const { mkdirSync, writeFileSync, readFileSync, unlinkSync, existsSync } = require('fs');
+const { mkdirSync, writeFileSync, readFileSync, unlinkSync, existsSync, renameSync } = require('fs');
 const { join } = require('path');
 const { createHash } = require('crypto');
 const { homedir } = require('os');
@@ -19,13 +19,45 @@ function statePath(projectDir) {
   return join(STATE_DIR, `${projectKey(projectDir)}.json`);
 }
 
+/** Atomic write: write to .tmp then rename to avoid partial reads. */
 function save(projectDir, data) {
   ensureDir();
-  writeFileSync(statePath(projectDir), JSON.stringify({
+  const target = statePath(projectDir);
+  const tmp = `${target}.tmp`;
+  writeFileSync(tmp, JSON.stringify({
     ...data,
     projectDir,
     timestamp: Date.now(),
   }, null, 2));
+  try {
+    renameSync(tmp, target);
+  } catch {
+    // Rename failed (rare on Windows if target locked) — fall back to direct write
+    writeFileSync(target, readFileSync(tmp, 'utf-8'));
+    try { unlinkSync(tmp); } catch { /* noop */ }
+  }
+}
+
+/** Write an in-progress marker so remind() knows to wait. */
+function saveInProgress(projectDir) {
+  ensureDir();
+  const target = statePath(projectDir);
+  const tmp = `${target}.tmp`;
+  writeFileSync(tmp, JSON.stringify({
+    status: 'in-progress',
+    projectDir,
+    timestamp: Date.now(),
+  }, null, 2));
+  try {
+    renameSync(tmp, target);
+  } catch {
+    writeFileSync(target, JSON.stringify({
+      status: 'in-progress',
+      projectDir,
+      timestamp: Date.now(),
+    }, null, 2));
+    try { unlinkSync(tmp); } catch { /* noop */ }
+  }
 }
 
 function load(projectDir) {
@@ -42,13 +74,40 @@ function clear(projectDir) {
   try { unlinkSync(statePath(projectDir)); } catch { /* noop */ }
 }
 
-/** Dedup: true if check ran within the last `seconds`. */
+/**
+ * Dedup: true if check ran (or is running) within the last `seconds`.
+ * Also returns true if a background check is in-progress.
+ */
 function isRecentlyChecked(projectDir, seconds = 5) {
   const data = load(projectDir);
   if (!data) return false;
+  if (data.status === 'in-progress') return true;
   return (Date.now() - data.timestamp) < seconds * 1000;
 }
 
+/**
+ * Wait for the background check to complete.
+ * Polls until state file has actual results (not in-progress), or timeout.
+ * Returns loaded data or null on timeout / no data.
+ */
+function waitForReady(projectDir, timeoutMs = 4000, intervalMs = 200) {
+  const deadline = Date.now() + timeoutMs;
+  while (Date.now() < deadline) {
+    const data = load(projectDir);
+    if (!data) return null; // No state file at all — nothing pending
+    if (data.status === 'in-progress') {
+      // Check for stale in-progress marker (background worker crashed)
+      if (Date.now() - data.timestamp > 30000) return null;
+      // Busy-wait with sleep
+      const sleepUntil = Date.now() + intervalMs;
+      while (Date.now() < sleepUntil) { /* spin */ }
+      continue;
+    }
+    return data; // Ready — has actual results
+  }
+  return null; // Timed out
+}
+
 // ─── persistent per-project preferences ───────────────────────────────
 
 function prefsPath(projectDir) {
@@ -70,4 +129,33 @@ function savePrefs(projectDir, prefs) {
   writeFileSync(prefsPath(projectDir), JSON.stringify(prefs, null, 2));
 }
 
-module.exports = { save, load, clear, isRecentlyChecked, loadPrefs, savePrefs };
+// ─── pending build marker ─────────────────────────────────────────────
+
+function pendingBuildPath(projectDir) {
+  return join(STATE_DIR, `${projectKey(projectDir)}-pending-build.json`);
+}
+
+function savePendingBuild(projectDir, specPath) {
+  ensureDir();
+  writeFileSync(pendingBuildPath(projectDir), JSON.stringify({
+    specPath,
+    projectDir,
+    timestamp: Date.now(),
+  }, null, 2));
+}
+
+function loadPendingBuild(projectDir) {
+  const path = pendingBuildPath(projectDir);
+  if (!existsSync(path)) return null;
+  try {
+    return JSON.parse(readFileSync(path, 'utf-8'));
+  } catch {
+    return null;
+  }
+}
+
+function clearPendingBuild(projectDir) {
+  try { unlinkSync(pendingBuildPath(projectDir)); } catch { /* noop */ }
+}
+
+module.exports = { save, saveInProgress, load, clear, isRecentlyChecked, waitForReady, loadPrefs, savePrefs, savePendingBuild, loadPendingBuild, clearPendingBuild };

package/hooks/lib/utils.cjs

@@ -27,6 +27,7 @@ function git(args, cwd) {
       encoding: 'utf-8',
       stdio: ['pipe', 'pipe', 'pipe'],
       timeout: 10000,
+      windowsHide: true,
     }).trim();
   } catch {
     return null;

package/hooks/session-guard.cjs

@@ -19,6 +19,7 @@
 
 const { existsSync } = require('fs');
 const { join } = require('path');
+const { spawn } = require('child_process');
 
 const config = require('./lib/config.cjs');
 const state = require('./lib/state.cjs');
@@ -27,12 +28,14 @@ const { getBanner } = require('./lib/banner.cjs');
 const { checkGit } = require('./lib/git-checks.cjs');
 const { checkTaskList } = require('./lib/task-checks.cjs');
 const { checkStaleness } = require('./lib/staleness.cjs');
+const { checkPluginHealth } = require('./lib/plugin-health.cjs');
 
 const PROJECT_DIR = process.env.CLAUDE_PROJECT_DIR || process.cwd();
 const CLAUDE_MD = join(PROJECT_DIR, 'CLAUDE.md');
 
 // ─── check ─────────────────────────────────────────────────────────────
-// Runs at SessionStart. Validates project health and emits context.
+// Runs at SessionStart. Spawns background worker and exits immediately
+// so the Claude Code UI stays responsive.
 
 function check() {
   // Dedup: skip if recently checked (handles dual global+project registration)
@@ -41,6 +44,28 @@ function check() {
     return;
   }
 
+  // Write in-progress marker immediately (also serves as dedup guard)
+  state.saveInProgress(PROJECT_DIR);
+
+  // Emit empty response — SessionStart returns instantly
+  console.log(JSON.stringify({}));
+
+  // Spawn background worker for heavy checks
+  // windowsHide: true prevents a console window from flashing on Windows
+  const worker = spawn(process.execPath, [__filename, 'check-bg'], {
+    detached: true,
+    stdio: 'ignore',
+    windowsHide: true,
+    env: { ...process.env, CLAUDE_PROJECT_DIR: PROJECT_DIR },
+  });
+  worker.unref();
+}
+
+// ─── check-bg ──────────────────────────────────────────────────────────
+// Runs as a detached background process. Performs all validation and
+// writes results to the state file for remind() to pick up.
+
+function checkBackground() {
   const output = new OutputBuilder();
 
   // Banner — shown once per session at start
@@ -62,7 +87,7 @@ function check() {
         '"Skip" \u2014 continue without one',
       ],
     );
-    emit(output);
+    saveState(output);
     return;
   }
 
@@ -80,7 +105,13 @@ function check() {
   // 3) Staleness evaluation
   checkStaleness(PROJECT_DIR, CLAUDE_MD, gitRoot, output);
 
-  // 4) Staleness summary
+  // 4) Pending build check
+  checkPendingBuild(PROJECT_DIR, output);
+
+  // 5) Plugin health check
+  checkPluginHealth(PROJECT_DIR, output);
+
+  // 6) Staleness summary
   if (output.score >= config.staleness.threshold) {
     output.blank();
     output.add(`[SESSION GUARD] \u26A0\uFE0F  CLAUDE.md appears STALE (score: ${output.score}/${config.staleness.threshold})`);
@@ -102,14 +133,15 @@ function check() {
     output.signals.forEach(sig => output.add(`  ${sig}`));
   }
 
-  emit(output);
+  saveState(output);
 }
 
 // ─── remind ────────────────────────────────────────────────────────────
 // Runs at UserPromptSubmit. Re-emits pending context from check, once.
 
 function remind() {
-  const pending = state.load(PROJECT_DIR);
+  // Wait for background check to complete (polls up to 4s at 200ms intervals)
+  const pending = state.waitForReady(PROJECT_DIR);
 
   if (!pending || !pending.context) {
     console.log(JSON.stringify({}));
@@ -231,10 +263,30 @@ function checkRig(projectDir, output) {
   );
 }
 
+// ─── pending build check ──────────────────────────────────────────────
+
+function checkPendingBuild(projectDir, output) {
+  const pending = state.loadPendingBuild(projectDir);
+  if (!pending) return;
+
+  const specPath = pending.specPath;
+  const specExists = existsSync(join(projectDir, specPath));
+
+  if (!specExists) {
+    // Spec file was deleted — clean up stale marker
+    state.clearPendingBuild(projectDir);
+    return;
+  }
+
+  output.blank();
+  output.add(`[SESSION GUARD] 📋 Pending spec ready for build: ${specPath}`);
+  output.add(`[SESSION GUARD] → Run: /build ${specPath}`);
+}
+
 // ─── helpers ───────────────────────────────────────────────────────────
 
-function emit(output) {
-  console.log(output.toJson());
+/** Save check results to state file (used by background worker, no stdout). */
+function saveState(output) {
   state.save(PROJECT_DIR, {
     context: output.parts.join('\n'),
     score: output.score,
@@ -253,6 +305,15 @@ switch (command) {
   case 'remind':
     remind();
     break;
+  case 'check-bg':
+    try {
+      checkBackground();
+    } catch {
+      // Background worker failed — clear in-progress marker so remind()
+      // doesn't hang waiting. Graceful degradation: no context this session.
+      state.clear(PROJECT_DIR);
+    }
+    break;
   case 'dismiss-brace': {
     const prefs = state.loadPrefs(PROJECT_DIR);
     prefs.braceDismissed = true;
@@ -267,8 +328,15 @@ switch (command) {
     console.log(`Rig prompt dismissed for ${PROJECT_DIR}`);
     break;
   }
+  case 'dismiss-plugin-health': {
+    const prefs = state.loadPrefs(PROJECT_DIR);
+    prefs.pluginHealthDismissed = true;
+    state.savePrefs(PROJECT_DIR, prefs);
+    console.log(`Plugin health checks dismissed for ${PROJECT_DIR}`);
+    break;
+  }
   default:
     console.error(`Session Guard v${config.version}`);
-    console.error('Usage: node session-guard.js <check|remind|dismiss-brace|dismiss-rig>');
+    console.error('Usage: node session-guard.js <check|remind|dismiss-brace|dismiss-rig|dismiss-plugin-health>');
     process.exit(1);
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@slamb2k/mad-skills",
-  "version": "2.0.44",
+  "version": "2.0.46",
   "description": "Claude Code skills collection — full lifecycle development tools",
   "type": "module",
   "repository": {

package/skills/brace/SKILL.md

@@ -1,7 +1,7 @@
 ---
 name: brace
 description: 'Initialize any project directory with a standard scaffold for AI-assisted development. Creates specs/ and context/ directories, a project CLAUDE.md with development workflow and guardrails, .gitignore, and branch protection. Recommends claude-mem for persistent memory. Idempotent — safe to run on existing projects. Triggers: "init project", "setup brace", "brace", "initialize", "bootstrap", "scaffold".'
-argument-hint: "[--force]"
+argument-hint: "[--force] [--skip-plugin-tuning]"
 allowed-tools: Bash, Read, Write, Edit, Glob, Grep, Agent, AskUserQuestion
 ---
 
@@ -75,6 +75,7 @@ Report format: `references/report-template.md`
 
 Parse optional flags from the request:
 - `--force` — Overwrite existing files without prompting
+- `--skip-plugin-tuning` — Skip Phase 7 plugin performance tuning
 
 ---
 
@@ -85,6 +86,7 @@ Before starting, check all dependencies in this table:
 | Dependency | Type | Check | Required | Resolution | Detail |
 |-----------|------|-------|----------|------------|--------|
 | claude-mem | plugin | — | no | ask | `claude plugin install claude-mem` |
+| oh-my-claudecode | plugin | — | no | ask | `claude plugin install oh-my-claudecode` |
 
 For each row, in order:
 1. Run the Check command (for cli/npm) or test file existence (for agent/skill)
@@ -97,6 +99,11 @@ For each row, in order:
    - **fallback**: notify user with Detail, continue with degraded behavior
 4. After all checks: summarize what's available and what's degraded
 
+**Plugin detection:** For plugin dependencies (Type = plugin), check
+`~/.claude/settings.json` → `enabledPlugins` for a key containing the plugin
+name set to `true`. Store results as `PLUGIN_STATE` (`claude_mem_installed`,
+`omc_installed`, `hookify_installed`) for use in Phase 4 and Phase 7.
+
 1. Capture **FLAGS** from the user's request
 
 ---
@@ -246,6 +253,11 @@ Before sending the prompt, substitute these variables:
 - `{GITIGNORE_CONTENT}` — read from `assets/gitignore-template`
 - `{GLOBAL_PREFERENCES_CONTENT}` — read from `assets/global-preferences-template.md`
   (the section between BEGIN TEMPLATE and END TEMPLATE)
+- `{PLUGIN_ROLE_SEPARATION}` — if both claude-mem AND oh-my-claudecode are
+  detected as enabled (from Phase 7 PLUGIN_REPORT, or by checking
+  `~/.claude/settings.json`), substitute with the content from
+  `references/plugin-tuning-steps.md#plugin-role-separation-content`.
+  Otherwise, substitute with an empty string.
 
 Parse SCAFFOLD_REPORT. If status is "failed", report to user and stop.
 
@@ -288,150 +300,105 @@ Parse VERIFY_REPORT. Present the final summary using the format in
 
 **Only if the project is a git repo** (from SCAN_REPORT `git_initialized`).
 
-Detect the default branch and hosting platform:
-
-```bash
-default_branch=$(git symbolic-ref refs/remotes/origin/HEAD 2>/dev/null | sed 's@^refs/remotes/origin/@@' || echo "main")
-
-REMOTE_URL=$(git remote get-url origin 2>/dev/null)
-if echo "$REMOTE_URL" | grep -qiE 'dev\.azure\.com|visualstudio\.com'; then
-  PLATFORM="azdo"
-elif echo "$REMOTE_URL" | grep -qi 'github\.com'; then
-  PLATFORM="github"
-else
-  PLATFORM="unknown"
-fi
-```
-
-### GitHub
+Detect the default branch and hosting platform (GitHub, Azure DevOps, or
+unknown). Platform detection and all CLI/REST commands are in
+`references/branch-protection-steps.md`.
 
-If `PLATFORM == github`:
-1. Check for existing branch protection via `gh api repos/{owner}/{repo}/branches/{default_branch}/protection` (404 = unprotected)
-2. If unprotected, ask via AskUserQuestion:
+### Flow
 
-   Question: "Default branch `{default_branch}` has no branch protection. Add it?"
-   Options:
+1. Detect platform from `git remote get-url origin`
+2. **GitHub:** Check existing protection via `gh api`. If unprotected, ask via
+   AskUserQuestion:
    - "Yes, require PR reviews (Recommended)" — require 1 approval, block force push
    - "Skip" — leave unprotected
+3. **Azure DevOps:** Extract org/project from remote URL. Check existing
+   policies via `az repos` CLI or REST fallback. If no minimum reviewer
+   policy, ask via AskUserQuestion (same options as GitHub).
+4. **Unknown platform:** Skip and report.
 
-3. If user accepts, apply via:
-   ```bash
-   gh api repos/{owner}/{repo}/branches/{default_branch}/protection \
-     -X PUT -f required_pull_request_reviews='{"required_approving_review_count":1}' \
-     -f enforce_admins=false \
-     -f restrictions=null \
-     -f required_status_checks=null \
-     -F allow_force_pushes=false \
-     -F allow_deletions=false
-   ```
+If user accepts, apply using the procedures in
+`references/branch-protection-steps.md`.
 
-### Azure DevOps
-
-If `PLATFORM == azdo`:
-
-Extract org and project from the remote URL (same pattern as `/ship`):
-```bash
-if echo "$REMOTE_URL" | grep -q 'dev\.azure\.com'; then
-  AZDO_ORG=$(echo "$REMOTE_URL" | sed -n 's|.*dev\.azure\.com/\([^/]*\)/.*|\1|p')
-  AZDO_PROJECT=$(echo "$REMOTE_URL" | sed -n 's|.*dev\.azure\.com/[^/]*/\([^/]*\)/.*|\1|p')
-  AZDO_ORG_URL="https://dev.azure.com/$AZDO_ORG"
-elif echo "$REMOTE_URL" | grep -q 'vs-ssh\.visualstudio\.com'; then
-  AZDO_ORG=$(echo "$REMOTE_URL" | sed -n 's|.*vs-ssh\.visualstudio\.com:v3/\([^/]*\)/.*|\1|p')
-  AZDO_PROJECT=$(echo "$REMOTE_URL" | sed -n 's|.*vs-ssh\.visualstudio\.com:v3/[^/]*/\([^/]*\)/.*|\1|p')
-  AZDO_ORG_URL="https://dev.azure.com/$AZDO_ORG"
-elif echo "$REMOTE_URL" | grep -q 'visualstudio\.com'; then
-  AZDO_ORG=$(echo "$REMOTE_URL" | sed -n 's|.*//\([^.]*\)\.visualstudio\.com.*|\1|p')
-  AZDO_PROJECT=$(echo "$REMOTE_URL" | sed -n 's|.*/\([^/]*\)/_git/.*|\1|p')
-  AZDO_ORG_URL="https://${AZDO_ORG}.visualstudio.com"
-fi
-# URL-decode for CLI/display; keep URL-safe versions for REST API paths
-AZDO_PROJECT_URL_SAFE="$AZDO_PROJECT"
-AZDO_ORG=$(python3 -c "import urllib.parse; print(urllib.parse.unquote('$AZDO_ORG'))")
-AZDO_PROJECT=$(python3 -c "import urllib.parse; print(urllib.parse.unquote('$AZDO_PROJECT_URL_SAFE'))")
-REPO_NAME=$(basename -s .git "$REMOTE_URL")
-```
+Include result in the final report under a "🔒 Branch protection" section.
 
-If org/project extraction fails, report ⚠️ and skip branch policies.
+---
 
-1. Check for existing branch policies. Use `az repos` CLI if available,
-   otherwise fall back to REST API:
+## Phase 7: Plugin Performance Tuning
 
-   **CLI:**
-   ```bash
-   az repos policy list \
-     --org "$AZDO_ORG_URL" --project "$AZDO_PROJECT" \
-     --repository-id "$REPO_NAME" --branch "$default_branch" \
-     --query "[].type.displayName" -o tsv
-   ```
+**Skip this phase if `--skip-plugin-tuning` flag is set.**
 
-   **REST fallback:**
-   ```bash
-   AUTH="Authorization: Basic $(printf ":%s" "$PAT" | base64 | tr -d '\n')"
-   # Get repository ID first
-   REPO_ID=$(curl -s -H "$AUTH" \
-     "$AZDO_ORG_URL/$AZDO_PROJECT_URL_SAFE/_apis/git/repositories/$REPO_NAME?api-version=7.0" \
-     | jq -r '.id')
-   # List branch policies
-   curl -s -H "$AUTH" \
-     "$AZDO_ORG_URL/$AZDO_PROJECT_URL_SAFE/_apis/policy/configurations?api-version=7.0" \
-     | jq "[.value[] | select(.settings.scope[]?.refName == \"refs/heads/$default_branch\" and .settings.scope[]?.repositoryId == \"$REPO_ID\")]"
-   ```
+Detect companion Claude Code plugins and recommend performance optimisations.
+This phase modifies user-level settings files (`~/.claude/settings.json`,
+`~/.claude-mem/settings.json`) — not repo-level files.
 
-2. If no "Minimum number of reviewers" policy exists, ask via AskUserQuestion:
+If `--force` is set, apply all recommendations without prompting.
 
-   Question: "Default branch `{default_branch}` has no minimum reviewer policy. Add it?"
-   Options:
-   - "Yes, require PR reviews (Recommended)" — require 1 approval, block direct push
-   - "Skip" — leave unprotected
+**Plugin presence guards:** Only audit plugins detected as installed during
+pre-flight (`PLUGIN_STATE`). Skip H1/H2 if hookify is absent. Skip M1/M2/M3
+if claude-mem is absent. Skip M2 if OMC is absent (M2 requires both). The
+`{PLUGIN_ROLE_SEPARATION}` content in CLAUDE.md is only injected when both
+claude-mem and OMC are confirmed enabled.
 
-3. If user accepts, create the policy:
+If no companion plugins are installed at all, output:
+```
+━━ 7 · Plugin Performance ━━━━━━━━━━━━━━━━━━━━
+  ⏭️ No companion plugins installed — skipping
+```
+and skip to the report.
 
-   **CLI:**
-   ```bash
-   REPO_ID=$(az repos show --repository "$REPO_NAME" \
-     --org "$AZDO_ORG_URL" --project "$AZDO_PROJECT" \
-     --query 'id' -o tsv)
-
-   az repos policy approver-count create \
-     --org "$AZDO_ORG_URL" --project "$AZDO_PROJECT" \
-     --repository-id "$REPO_ID" --branch "$default_branch" \
-     --minimum-approver-count 1 \
-     --creator-vote-counts false \
-     --allow-downvotes false \
-     --reset-on-source-push true \
-     --blocking true --enabled true
-   ```
+### Detection
 
-   **REST fallback:**
-   ```bash
-   curl -s -X POST -H "$AUTH" -H "Content-Type: application/json" \
-     "$AZDO_ORG_URL/$AZDO_PROJECT_URL_SAFE/_apis/policy/configurations?api-version=7.0" \
-     -d "{
-       \"isEnabled\": true,
-       \"isBlocking\": true,
-       \"type\": {\"id\": \"fa4e907d-c16b-4a4c-9dfa-4906e5d171dd\"},
-       \"settings\": {
-         \"minimumApproverCount\": 1,
-         \"creatorVoteCounts\": false,
-         \"allowDownvotes\": false,
-         \"resetOnSourcePush\": true,
-         \"scope\": [{
-           \"repositoryId\": \"$REPO_ID\",
-           \"refName\": \"refs/heads/$default_branch\",
-           \"matchKind\": \"exact\"
-         }]
-       }
-     }"
-   ```
+Launch **Bash** subagent (**haiku**):
+
+```
+Task(
+  subagent_type: "Bash",
+  model: "haiku",
+  description: "Detect installed plugins and audit performance",
+  prompt: <read from references/phase-prompts.md#phase-7>
+)
+```
+
+Parse PLUGIN_REPORT.
 
-### Unknown Platform
+### Present Findings
 
-If `PLATFORM == unknown`, skip branch protection and report:
+If PLUGIN_REPORT contains zero findings, output:
 ```
-⏭️ Branch protection — skipped (unrecognized remote, not GitHub or Azure DevOps)
+━━ 7 · Plugin Performance ━━━━━━━━━━━━━━━━━━━━
+  ⏭️ No plugin optimisations needed
 ```
+Skip to the report.
 
-Include result in the final report under a "🔒 Branch protection" section.
+Otherwise, present findings with **AskUserQuestion**:
+
+Options:
+- "Apply all recommendations (Recommended)"
+- "Let me choose which to apply"
+- "Skip plugin tuning"
+
+If "Let me choose", present individual findings as multi-select.
+
+### Audit Rules
+
+| Code | Check | Condition | Severity |
+|------|-------|-----------|----------|
+| H1 | Hookify: no rules | enabled + zero `hookify.*.local.md` files | high |
+| H2 | Hookify: python3 broken | enabled + `python3 --version` fails | high |
+| M1 | claude-mem: read-only tools | SKIP_TOOLS missing Read/Glob/Grep/ToolSearch/Agent/WebSearch/WebFetch | medium |
+| M2 | claude-mem: high context | observations > 10 or sessions > 3, AND OMC also enabled | medium |
+| M3 | claude-mem: provider=claude | provider is "claude" (SDK spawn known-broken) | low |
+
+### Apply Approved Changes
+
+For each approved finding, follow the procedures in
+`references/plugin-tuning-steps.md`. Each script is idempotent — re-reads
+the target file before writing and checks current value before modifying.
+
+If both claude-mem AND oh-my-claudecode are detected as enabled, also inject
+the Plugin Role Separation section into the project CLAUDE.md (see
+`references/plugin-tuning-steps.md#plugin-role-separation-content`).
+Skip if section already exists (idempotent).
 
 ---
 

package/skills/brace/assets/gitignore-template

@@ -15,6 +15,10 @@ data/
 # Temp & scratch
 .tmp/
 
+# AI tooling local state
+.claude/
+.omc/
+
 # Python
 __pycache__/
 *.pyc

package/skills/brace/references/branch-protection-steps.md

@@ -0,0 +1,135 @@
+# Branch Protection Steps
+
+Procedural reference for Phase 6 — platform-specific branch protection commands.
+
+---
+
+## Platform Detection
+
+```bash
+default_branch=$(git symbolic-ref refs/remotes/origin/HEAD 2>/dev/null | sed 's@^refs/remotes/origin/@@' || echo "main")
+
+REMOTE_URL=$(git remote get-url origin 2>/dev/null)
+if echo "$REMOTE_URL" | grep -qiE 'dev\.azure\.com|visualstudio\.com'; then
+  PLATFORM="azdo"
+elif echo "$REMOTE_URL" | grep -qi 'github\.com'; then
+  PLATFORM="github"
+else
+  PLATFORM="unknown"
+fi
+```
+
+---
+
+## GitHub
+
+### Check existing protection
+
+```bash
+gh api repos/{owner}/{repo}/branches/{default_branch}/protection
+```
+404 = unprotected.
+
+### Apply protection
+
+```bash
+gh api repos/{owner}/{repo}/branches/{default_branch}/protection \
+  -X PUT -f required_pull_request_reviews='{"required_approving_review_count":1}' \
+  -f enforce_admins=false \
+  -f restrictions=null \
+  -f required_status_checks=null \
+  -F allow_force_pushes=false \
+  -F allow_deletions=false
+```
+
+---
+
+## Azure DevOps
+
+### Extract org and project
+
+```bash
+if echo "$REMOTE_URL" | grep -q 'dev\.azure\.com'; then
+  AZDO_ORG=$(echo "$REMOTE_URL" | sed -n 's|.*dev\.azure\.com/\([^/]*\)/.*|\1|p')
+  AZDO_PROJECT=$(echo "$REMOTE_URL" | sed -n 's|.*dev\.azure\.com/[^/]*/\([^/]*\)/.*|\1|p')
+  AZDO_ORG_URL="https://dev.azure.com/$AZDO_ORG"
+elif echo "$REMOTE_URL" | grep -q 'vs-ssh\.visualstudio\.com'; then
+  AZDO_ORG=$(echo "$REMOTE_URL" | sed -n 's|.*vs-ssh\.visualstudio\.com:v3/\([^/]*\)/.*|\1|p')
+  AZDO_PROJECT=$(echo "$REMOTE_URL" | sed -n 's|.*vs-ssh\.visualstudio\.com:v3/[^/]*/\([^/]*\)/.*|\1|p')
+  AZDO_ORG_URL="https://dev.azure.com/$AZDO_ORG"
+elif echo "$REMOTE_URL" | grep -q 'visualstudio\.com'; then
+  AZDO_ORG=$(echo "$REMOTE_URL" | sed -n 's|.*//\([^.]*\)\.visualstudio\.com.*|\1|p')
+  AZDO_PROJECT=$(echo "$REMOTE_URL" | sed -n 's|.*/\([^/]*\)/_git/.*|\1|p')
+  AZDO_ORG_URL="https://${AZDO_ORG}.visualstudio.com"
+fi
+# URL-decode for CLI/display; keep URL-safe versions for REST API paths
+AZDO_PROJECT_URL_SAFE="$AZDO_PROJECT"
+AZDO_ORG=$(python3 -c "import urllib.parse; print(urllib.parse.unquote('$AZDO_ORG'))")
+AZDO_PROJECT=$(python3 -c "import urllib.parse; print(urllib.parse.unquote('$AZDO_PROJECT_URL_SAFE'))")
+REPO_NAME=$(basename -s .git "$REMOTE_URL")
+```
+
+If org/project extraction fails, report ⚠️ and skip branch policies.
+
+### Check existing policies
+
+**CLI:**
+```bash
+az repos policy list \
+  --org "$AZDO_ORG_URL" --project "$AZDO_PROJECT" \
+  --repository-id "$REPO_NAME" --branch "$default_branch" \
+  --query "[].type.displayName" -o tsv
+```
+
+**REST fallback:**
+```bash
+AUTH="Authorization: Basic $(printf ":%s" "$PAT" | base64 | tr -d '\n')"
+# Get repository ID first
+REPO_ID=$(curl -s -H "$AUTH" \
+  "$AZDO_ORG_URL/$AZDO_PROJECT_URL_SAFE/_apis/git/repositories/$REPO_NAME?api-version=7.0" \
+  | jq -r '.id')
+# List branch policies
+curl -s -H "$AUTH" \
+  "$AZDO_ORG_URL/$AZDO_PROJECT_URL_SAFE/_apis/policy/configurations?api-version=7.0" \
+  | jq "[.value[] | select(.settings.scope[]?.refName == \"refs/heads/$default_branch\" and .settings.scope[]?.repositoryId == \"$REPO_ID\")]"
+```
+
+### Create minimum reviewer policy
+
+**CLI:**
+```bash
+REPO_ID=$(az repos show --repository "$REPO_NAME" \
+  --org "$AZDO_ORG_URL" --project "$AZDO_PROJECT" \
+  --query 'id' -o tsv)
+
+az repos policy approver-count create \
+  --org "$AZDO_ORG_URL" --project "$AZDO_PROJECT" \
+  --repository-id "$REPO_ID" --branch "$default_branch" \
+  --minimum-approver-count 1 \
+  --creator-vote-counts false \
+  --allow-downvotes false \
+  --reset-on-source-push true \
+  --blocking true --enabled true
+```
+
+**REST fallback:**
+```bash
+curl -s -X POST -H "$AUTH" -H "Content-Type: application/json" \
+  "$AZDO_ORG_URL/$AZDO_PROJECT_URL_SAFE/_apis/policy/configurations?api-version=7.0" \
+  -d "{
+    \"isEnabled\": true,
+    \"isBlocking\": true,
+    \"type\": {\"id\": \"fa4e907d-c16b-4a4c-9dfa-4906e5d171dd\"},
+    \"settings\": {
+      \"minimumApproverCount\": 1,
+      \"creatorVoteCounts\": false,
+      \"allowDownvotes\": false,
+      \"resetOnSourcePush\": true,
+      \"scope\": [{
+        \"repositoryId\": \"$REPO_ID\",
+        \"refName\": \"refs/heads/$default_branch\",
+        \"matchKind\": \"exact\"
+      }]
+    }
+  }"
+```

package/skills/brace/references/claude-md-template.md

@@ -49,6 +49,8 @@ MCP tools for search, timeline, and observation management. Claude Code's
 built-in auto memory (`~/.claude/projects/<project>/memory/MEMORY.md`)
 handles curated facts.
 
+{PLUGIN_ROLE_SEPARATION}
+
 {UNIVERSAL_PRINCIPLES}
 
 ## Branch Discipline

package/skills/brace/references/phase-prompts.md

@@ -170,6 +170,10 @@ empty string (principles are in the global config instead).
 
 {GITIGNORE_CONTENT}
 
+### Plugin Role Separation Content
+
+{PLUGIN_ROLE_SEPARATION}
+
 ### Global Preferences Content
 
 {GLOBAL_PREFERENCES_CONTENT}
@@ -254,3 +258,110 @@ VERIFY_REPORT:
   legacy_cleaned: true|false|not_applicable
   issues: [any problems found]
 ```
+
+---
+
+## Phase 7: Plugin Performance Detection
+
+**Agent:** Bash | **Model:** haiku
+
+```
+Detect installed Claude Code plugins and audit their performance configuration.
+
+Limit PLUGIN_REPORT to 30 lines maximum.
+
+## Checks
+
+1. **Read plugin registry**
+   SETTINGS_FILE="$HOME/.claude/settings.json"
+   if [ ! -f "$SETTINGS_FILE" ]; then
+     echo "no_settings_file"
+     echo "PLUGIN_REPORT:"
+     echo "  settings_file_found: false"
+     echo "  findings: none"
+     exit 0
+   fi
+
+   Use node to parse JSON and extract installed/enabled plugin status:
+   node -e "
+     const s = JSON.parse(require('fs').readFileSync('$HOME/.claude/settings.json','utf8'));
+     const p = s.enabledPlugins || {};
+     const hookify = Object.keys(p).find(k => k.includes('hookify'));
+     const mem = Object.keys(p).find(k => k.includes('claude-mem'));
+     const omc = Object.keys(p).find(k => k.includes('oh-my-claudecode'));
+     console.log('hookify_installed:' + !!hookify);
+     console.log('hookify_enabled:' + (hookify && p[hookify] === true));
+     console.log('claude_mem_installed:' + !!mem);
+     console.log('claude_mem_enabled:' + (mem && p[mem] === true));
+     console.log('omc_installed:' + !!omc);
+     console.log('omc_enabled:' + (omc && p[omc] === true));
+   "
+   Record: hookify_installed/enabled, claude_mem_installed/enabled, omc_installed/enabled
+
+   If a plugin is not installed (not in enabledPlugins at all), skip its
+   entire audit section below and report all its fields as "N/A".
+
+2. **Hookify audit** (only if hookify_enabled == true)
+   a. Check python3 availability:
+      python3 --version >/dev/null 2>&1 && echo "python3_available:true" || echo "python3_available:false"
+      Record: python3_available
+
+   b. Count hookify rule files:
+      RULE_COUNT=0
+      for f in "$HOME/.claude"/hookify.*.local.md .claude/hookify.*.local.md; do
+        [ -f "$f" ] && RULE_COUNT=$((RULE_COUNT + 1))
+      done
+      echo "hookify_rule_count:$RULE_COUNT"
+      Record: hookify_rule_count
+
+   c. Determine findings:
+      - If python3_available == false → finding H2
+      - If hookify_rule_count == 0 → finding H1
+
+3. **claude-mem audit** (only if claude_mem_enabled == true)
+   MEM_SETTINGS="$HOME/.claude-mem/settings.json"
+   if [ -f "$MEM_SETTINGS" ]; then
+     node -e "
+       const s = JSON.parse(require('fs').readFileSync('$HOME/.claude-mem/settings.json','utf8'));
+       console.log('skip_tools:' + (s.CLAUDE_MEM_SKIP_TOOLS || ''));
+       console.log('observations:' + (s.CLAUDE_MEM_CONTEXT_OBSERVATIONS || '50'));
+       console.log('session_count:' + (s.CLAUDE_MEM_CONTEXT_SESSION_COUNT || '10'));
+       console.log('provider:' + (s.CLAUDE_MEM_PROVIDER || 'claude'));
+       console.log('has_openrouter_key:' + !!(s.CLAUDE_MEM_OPENROUTER_API_KEY || process.env.OPENROUTER_API_KEY));
+     "
+   fi
+
+   a. Check SKIP_TOOLS for read-only tools:
+      Required: Read,Glob,Grep,ToolSearch,Agent,WebSearch,WebFetch
+      For each, check if it appears in the skip_tools value.
+      Record: missing_skip_tools (comma-separated list, or "none")
+      If any missing → finding M1
+
+   b. Check context injection levels (only if omc_enabled == true):
+      If observations > 10 OR session_count > 3 → finding M2
+      Record: current_observations, current_session_count
+
+   c. Check provider:
+      If provider == "claude" → finding M3
+      Record: current_provider
+
+## Output Format
+
+PLUGIN_REPORT:
+  settings_file_found: true|false
+  hookify_installed: true|false
+  hookify_enabled: true|false
+  hookify_python3_available: true|false|N/A
+  hookify_rule_count: {number}|N/A
+  claude_mem_installed: true|false
+  claude_mem_enabled: true|false
+  claude_mem_skip_tools: {current value}|N/A
+  claude_mem_missing_skip_tools: {list}|none|N/A
+  claude_mem_observations: {number}|N/A
+  claude_mem_session_count: {number}|N/A
+  claude_mem_provider: {value}|N/A
+  claude_mem_has_openrouter_key: true|false|N/A
+  omc_installed: true|false
+  omc_enabled: true|false
+  findings: {comma-separated list of H1,H2,M1,M2,M3 or "none"}
+```

package/skills/brace/references/plugin-tuning-steps.md

@@ -0,0 +1,125 @@
+# Plugin Tuning Steps
+
+Procedural reference for Phase 7 — `node -e` scripts for each audit rule.
+Each script is idempotent: re-reads the target file before writing and
+checks current value before modifying.
+
+---
+
+## H1/H2: Disable Hookify
+
+Target: `~/.claude/settings.json`
+
+```bash
+node -e "
+  const fs = require('fs');
+  const p = require('os').homedir() + '/.claude/settings.json';
+  const s = JSON.parse(fs.readFileSync(p, 'utf8'));
+  const key = Object.keys(s.enabledPlugins || {}).find(k => k.includes('hookify'));
+  if (key && s.enabledPlugins[key] !== false) {
+    s.enabledPlugins[key] = false;
+    fs.writeFileSync(p, JSON.stringify(s, null, 2) + '\n');
+    console.log('Disabled hookify');
+  } else {
+    console.log('Hookify already disabled — skipped');
+  }
+"
+```
+
+---
+
+## M1: Add Read-Only Tools to SKIP_TOOLS
+
+Target: `~/.claude-mem/settings.json`
+
+```bash
+node -e "
+  const fs = require('fs');
+  const p = require('os').homedir() + '/.claude-mem/settings.json';
+  const s = JSON.parse(fs.readFileSync(p, 'utf8'));
+  const required = ['Read','Glob','Grep','ToolSearch','Agent','WebSearch','WebFetch'];
+  const current = (s.CLAUDE_MEM_SKIP_TOOLS || '').split(',').map(t => t.trim()).filter(Boolean);
+  const missing = required.filter(t => !current.includes(t));
+  if (missing.length > 0) {
+    s.CLAUDE_MEM_SKIP_TOOLS = [...new Set([...current, ...missing])].join(',');
+    fs.writeFileSync(p, JSON.stringify(s, null, 2) + '\n');
+    console.log('Added to SKIP_TOOLS: ' + missing.join(', '));
+  } else {
+    console.log('All read-only tools already in SKIP_TOOLS — skipped');
+  }
+"
+```
+
+---
+
+## M2: Reduce Context Injection
+
+Target: `~/.claude-mem/settings.json`
+
+```bash
+node -e "
+  const fs = require('fs');
+  const p = require('os').homedir() + '/.claude-mem/settings.json';
+  const s = JSON.parse(fs.readFileSync(p, 'utf8'));
+  let changed = false;
+  if (parseInt(s.CLAUDE_MEM_CONTEXT_OBSERVATIONS || '50') > 10) {
+    s.CLAUDE_MEM_CONTEXT_OBSERVATIONS = '10';
+    changed = true;
+  }
+  if (parseInt(s.CLAUDE_MEM_CONTEXT_SESSION_COUNT || '10') > 3) {
+    s.CLAUDE_MEM_CONTEXT_SESSION_COUNT = '3';
+    changed = true;
+  }
+  if (changed) {
+    fs.writeFileSync(p, JSON.stringify(s, null, 2) + '\n');
+    console.log('Reduced context injection: observations=10, sessions=3');
+  } else {
+    console.log('Context injection already optimal — skipped');
+  }
+"
+```
+
+---
+
+## M3: Switch Provider to OpenRouter
+
+Target: `~/.claude-mem/settings.json`
+
+Pre-check: verify OpenRouter API key exists. If missing, warn and skip.
+
+```bash
+node -e "
+  const fs = require('fs');
+  const p = require('os').homedir() + '/.claude-mem/settings.json';
+  const s = JSON.parse(fs.readFileSync(p, 'utf8'));
+  if (s.CLAUDE_MEM_PROVIDER === 'claude') {
+    if (!s.CLAUDE_MEM_OPENROUTER_API_KEY && !process.env.OPENROUTER_API_KEY) {
+      console.log('SKIP: No OpenRouter API key configured');
+      process.exit(0);
+    }
+    s.CLAUDE_MEM_PROVIDER = 'openrouter';
+    fs.writeFileSync(p, JSON.stringify(s, null, 2) + '\n');
+    console.log('Switched provider to openrouter');
+  } else {
+    console.log('Provider already ' + (s.CLAUDE_MEM_PROVIDER || 'unset') + ' — skipped');
+  }
+"
+```
+
+---
+
+## Plugin Role Separation Content
+
+Inject after `## Memory` in the project CLAUDE.md when both claude-mem AND
+oh-my-claudecode are enabled. Skip if `### Plugin Role Separation` already
+exists (idempotent).
+
+```markdown
+### Plugin Role Separation (claude-mem + OMC)
+
+- **claude-mem** = passive memory layer (auto-capture, recall, search). Let it run silently.
+- **OMC project memory** = active, curated checkpoints and project status.
+- **OMC wiki** = architectural decisions, bug solutions, patterns.
+- Searching past work → OMC project memory first, then claude-mem for older/cross-project.
+- Code navigation → OMC LSP tools. Planning → OMC /plan or /autopilot.
+```

package/skills/brace/references/report-template.md

@@ -26,6 +26,14 @@ Present this summary after verification completes.
 │     {✅} tools/memory/     Legacy memory scripts
 │     {✅} memory/           Legacy memory directory
 │
+│  🔌 Plugin Tuning (only if Phase 7 ran)
+│     {✅|⏭️} Hookify: {disabled / already disabled / not installed / skipped / N/A}
+│     {✅|⏭️} claude-mem SKIP_TOOLS: {optimised / already optimal / not installed / skipped / N/A}
+│     {✅|⏭️} claude-mem context: {reduced / already optimal / not installed / skipped / N/A}
+│     {✅|⏭️} claude-mem provider: {switched / already optimal / not installed / skipped / N/A}
+│     {⏭️}    oh-my-claudecode: {installed / not installed}
+│     {✅|⏭️} Plugin role separation: {injected / already present / not applicable / skipped}
+│
 │  ⚠️ Notes
 │     {any warnings or skipped items}
 │
@@ -33,6 +41,7 @@ Present this summary after verification completes.
 │     1. Review CLAUDE.md and customise for your project
 │     2. Add domain knowledge to context/
 │     3. Run /speccy to design your first feature
+│     4. Restart Claude Code to activate plugin changes (if any applied)
 │
 └─────────────────────────────────────────────────
 ```

package/skills/build/SKILL.md

@@ -102,12 +102,17 @@ For each row, in order:
 4. After all checks: summarize what's available and what's degraded
 
 1. Capture **PLAN** (the user's argument) and **FLAGS**
-2. **Load project context** — invoke `/prime` to load domain-specific context
+2. **Clear pending-build marker** — if a marker was left by `/speccy`, clear it:
+   ```bash
+   PLUGIN_ROOT="${CLAUDE_PLUGIN_ROOT:-$HOME/.claude/plugins/marketplaces/slamb2k}"
+   node -e "require('$PLUGIN_ROOT/hooks/lib/state.cjs').clearPendingBuild(process.cwd())"
+   ```
+3. **Load project context** — invoke `/prime` to load domain-specific context
    (CLAUDE.md, specs, memory). If /prime is unavailable, fall back to
    manually scanning CLAUDE.md and specs/ directory.
-3. Detect project type using `references/project-detection.md` to populate
+4. Detect project type using `references/project-detection.md` to populate
    **PROJECT_CONFIG** (language, test_runner, test_setup)
-4. **Create task list** — ALWAYS create tasks upfront for all stages using
+5. **Create task list** — ALWAYS create tasks upfront for all stages using
    `TaskCreate`. This provides visible progress tracking throughout the build:
    - Task: "Stage 1: Explore codebase"
    - Task: "Stage 2: Clarifying questions" (if not `--skip-questions`)
@@ -117,11 +122,11 @@ For each row, in order:
    - Task: "Stage 7: Verify"
    - Task: "Stage 9: Ship" (if not `--no-ship`)
    Mark each task `in_progress` when starting and `completed` when done.
-5. Check for outstanding items from previous work:
+6. Check for outstanding items from previous work:
    - Query persistent tasks via `TaskList` for incomplete items
    - Search CLAUDE.md for a "Known Issues" or "Open Questions" section
    - Search memory (if available) for recent unresolved items
-4. If outstanding items found, present via AskUserQuestion:
+7. If outstanding items found, present via AskUserQuestion:
    ```
    "Found {count} outstanding items from previous work:"
    {numbered list with summary of each}

package/skills/manifest.json

@@ -1,12 +1,12 @@
 {
-  "generated": "2026-03-24T15:07:20.484Z",
+  "generated": "2026-04-17T04:43:53.359Z",
   "count": 10,
   "skills": [
     {
       "name": "brace",
       "directory": "brace",
       "description": "'Initialize any project directory with a standard scaffold for AI-assisted development. Creates specs/ and context/ directories, a project CLAUDE.md with development workflow and guardrails, .gitignore, and branch protection. Recommends claude-mem for persistent memory. Idempotent — safe to run on existing projects. Triggers: \"init project\", \"setup brace\", \"brace\", \"initialize\", \"bootstrap\", \"scaffold\".'",
-      "lines": 460,
+      "lines": 427,
       "hasScripts": false,
       "hasReferences": true,
       "hasAssets": true,
@@ -16,7 +16,7 @@
       "name": "build",
       "directory": "build",
       "description": "Context-isolated feature development pipeline. Takes a detailed design/plan as argument and executes the full feature-dev lifecycle (explore, question, architect, implement, review, ship) inside subagents so the primary conversation stays compact. Use when you have a well-defined plan and want autonomous execution with minimal context window consumption.",
-      "lines": 451,
+      "lines": 456,
       "hasScripts": false,
       "hasReferences": true,
       "hasAssets": false,
@@ -86,7 +86,7 @@
       "name": "speccy",
       "directory": "speccy",
       "description": "Deep-dive interview skill for creating comprehensive specifications. Reviews existing code and docs, then interviews the user through multiple rounds of targeted questions covering technical implementation, UI/UX, concerns, and tradeoffs. Produces a structured spec in specs/. Use when starting a new feature, system, or major change that needs a spec.",
-      "lines": 249,
+      "lines": 260,
       "hasScripts": false,
       "hasReferences": true,
       "hasAssets": false,

package/skills/speccy/SKILL.md

@@ -232,10 +232,21 @@ After the spec is created, report to the user:
 └─────────────────────────────────────────────────
 ```
 
+Then write a **pending-build marker** so the next session knows about this spec:
+
+```bash
+PLUGIN_ROOT="${CLAUDE_PLUGIN_ROOT:-$HOME/.claude/plugins/marketplaces/slamb2k}"
+node -e "require('$PLUGIN_ROOT/hooks/lib/state.cjs').savePendingBuild(process.cwd(), '{spec file path}')"
+```
+
+This marker is picked up by the session-guard hook on the next session start
+(including after `/clear`), which surfaces the build command automatically.
+
 Then display the build command:
 
 ```
 ⚡ To implement, run: /build {spec file path}
+   (You can /clear first — the spec is saved and the next session will remind you)
 ```
 
 The spec file persists on disk, so the user can `/clear` the conversation