@su-record/vibe 2.12.5 → 2.14.0

package/skills/vibe.run/references/brand-assets.md

@@ -0,0 +1,59 @@
+# Brand Assets Generation — Full Reference
+
+> Loaded by vibe.run SKILL.md when starting a new project with brand context in SPEC.
+
+## Brand Assets Generation (Optional)
+
+When starting a **new project** with brand context in SPEC, auto-generate app icons and favicons:
+
+```
+━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
+BRAND ASSETS GENERATION
+━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
+
+[Check] Brand assets exist? → Skip if favicon.ico exists
+[Check] Antigravity API configured? → Required for image generation
+[Check] SPEC has brand context? → Extract app name, colors, style
+
+[Generate] Creating app icon with Antigravity Image API...
+  - Prompt: "App icon for [AppName], [style], [color]..."
+  - Generated: 512x512 master icon
+
+[Resize] Creating platform variants...
+  favicon.ico (16/32/48)
+  favicon-16x16.png
+  favicon-32x32.png
+  apple-touch-icon.png (180x180)
+  android-chrome-192x192.png
+  android-chrome-512x512.png
+  site.webmanifest
+
+━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
+Brand assets generated in public/
+━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
+```
+
+## SPEC Brand Context Example
+
+```xml
+<context>
+Brand:
+  - App Name: MyApp
+  - Primary Color: #2F6BFF
+  - Style: Modern, minimalist, flat design
+  - Icon Concept: Abstract geometric shape
+</context>
+```
+
+## Trigger Conditions
+
+- First `/vibe.run` execution (no existing icons)
+- SPEC contains brand/design context
+- Antigravity API key configured (`vibe antigravity key <key>`)
+
+## Manual Generation
+
+```bash
+# [LLM_SCRIPT] = {{VIBE_PATH}}/hooks/scripts/llm-orchestrate.js
+node "[LLM_SCRIPT]" antigravity image "App icon for MyApp, primary color #2F6BFF, square format 1:1, simple recognizable design, works well at small sizes, no text or letters, solid or gradient background, modern minimalist" --output "./public/app-icon.png"
+```

package/skills/vibe.run/references/parallel-agents.md

@@ -0,0 +1,326 @@
+# Parallel Agents & Model Orchestration — Full Reference
+
+> Loaded by vibe.run SKILL.md when parallel execution patterns, agent teams, or model selection details are needed.
+
+## Model Orchestration (Intelligent Routing)
+
+Automatically select optimal model based on **task complexity analysis**.
+
+### Complexity-Based Model Selection
+
+| Complexity Score | Model | When to Use |
+|------------------|-------|-------------|
+| 0-7 (Low) | **Haiku** | Simple fixes, searches, single file changes |
+| 8-19 (Medium) | **Sonnet** | Standard features, 3-5 files, integrations |
+| 20+ (High) | **Opus** | Architecture, security, multi-service, 6+ files |
+
+### Complexity Signals
+
+| Signal | Score |
+|--------|-------|
+| Architecture change | +15 |
+| Security implication | +12 |
+| Multi-service | +8 |
+| Refactoring | +12 |
+| 6+ files | +15 |
+| 3-5 files | +8 |
+| New feature | +5 |
+| Bug fix | -3 |
+| Documentation | -5 |
+
+### Agent Tier System
+
+| Agent | Low (Haiku) | Medium (Sonnet) | High (Opus) |
+|-------|-------------|-----------------|-------------|
+| explorer | explorer-low | explorer-medium | explorer |
+| implementer | implementer-low | implementer-medium | implementer |
+| architect | architect-low | architect-medium | architect |
+
+### Task Calls by Role
+
+| Task Type | Model | Task Parameter |
+|-----------|-------|----------------|
+| Simple search | Haiku | `model: "haiku"` |
+| Codebase exploration | Haiku/Sonnet | Auto-selected |
+| Core implementation | Sonnet | `model: "sonnet"` |
+| Test writing | Haiku | `model: "haiku"` |
+| Architecture decisions | Opus | Main session |
+| Final review | Opus | Main session |
+
+## Mandatory Parallel Exploration (Phase Start)
+
+**BEFORE any implementation, you MUST launch these Task calls IN PARALLEL (single message, multiple tool calls):**
+
+```
+┌─────────────────────────────────────────────────────────────────┐
+│  STEP 1: PARALLEL EXPLORATION (REQUIRED)                        │
+│                                                                 │
+│  Launch ALL of these in ONE message:                            │
+│                                                                 │
+│  Task(haiku) ─┬─→ "Analyze related files in <context>"          │
+│               │                                                 │
+│  Task(haiku) ─┼─→ "Check dependencies and imports"              │
+│               │                                                 │
+│  Task(haiku) ─┴─→ "Find existing patterns and conventions"      │
+│                                                                 │
+│  [If GPT enabled] Bash: node "[LLM_SCRIPT]" gpt orchestrate-json "[question]"
+│  [If Antigravity enabled] Bash: node "[LLM_SCRIPT]" antigravity orchestrate-json "[question]"
+└─────────────────────────────────────────────────────────────────┘
+                              │
+                              ↓ (wait for all to complete)
+┌─────────────────────────────────────────────────────────────────┐
+│  STEP 2: SYNTHESIZE (Opus)                                      │
+│  - Review all exploration results                               │
+│  - Decide implementation approach                               │
+│  - Identify files to modify/create                              │
+└─────────────────────────────────────────────────────────────────┘
+                              │
+                              ↓
+┌─────────────────────────────────────────────────────────────────┐
+│  STEP 3: IMPLEMENT + BACKGROUND AGENTS (PARALLEL)               │
+│                                                                 │
+│  Main Agent (sonnet):                                           │
+│  └─→ Execute current phase implementation                       │
+│                                                                 │
+│  Background Agents (haiku, run_in_background=true):             │
+│  ├─→ Task: "Prepare Phase N+1 - analyze required files"         │
+│  ├─→ Task: "Pre-generate test cases for current implementation" │
+│  └─→ Task: "Search for related types/interfaces needed"         │
+│                                                                 │
+│  [ULTRAWORK] All 4 agents run simultaneously!                   │
+└─────────────────────────────────────────────────────────────────┘
+                              │
+                              ↓ (main completes, check backgrounds)
+┌─────────────────────────────────────────────────────────────────┐
+│  STEP 4: TEST + PHASE PIPELINING                                │
+│                                                                 │
+│  Current Phase:                                                 │
+│  └─→ Task(haiku): Write tests using pre-generated cases         │
+│                                                                 │
+│  Next Phase Prep (from background results):                     │
+│  └─→ Already have file analysis, ready to start immediately     │
+└─────────────────────────────────────────────────────────────────┘
+```
+
+### Parallel Task Call Pattern (MUST FOLLOW)
+
+**Correct — Single message with multiple parallel Tasks:**
+```
+<message>
+  Task(haiku, "Analyze src/components/ for existing patterns")
+  Task(haiku, "Check package.json dependencies")
+  Task(haiku, "Find usage of similar features in codebase")
+</message>
+→ All 3 run simultaneously, ~3x faster
+```
+
+**WRONG — Sequential calls (DO NOT DO THIS):**
+```
+<message>Task(haiku, "Analyze...")</message>
+<message>Task(haiku, "Check...")</message>
+<message>Task(haiku, "Find...")</message>
+→ 3x slower, wastes time
+```
+
+### Background Agent Pattern (ULTRAWORK) via Orchestrator
+
+```bash
+# Start background agent (doesn't block)
+node -e "import('{{VIBE_PATH_URL}}/node_modules/@su-record/vibe/dist/infra/orchestrator/index.js').then(o => o.runAgent('Phase 2 prep: Analyze auth API endpoints', 'phase2-prep').then(r => console.log(r.content[0].text)))"
+
+# Multiple backgrounds in parallel
+node -e "import('{{VIBE_PATH_URL}}/node_modules/@su-record/vibe/dist/infra/orchestrator/index.js').then(async o => {
+  await Promise.all([
+    o.runAgent('Phase 2 prep: Analyze auth API endpoints', 'phase2-prep'),
+    o.runAgent('Pre-generate test cases for login form', 'test-prep'),
+    o.runAgent('Find existing validation patterns', 'pattern-finder')
+  ]);
+  console.log('All background agents started');
+})"
+```
+
+**Check background agent status:**
+```bash
+node -e "import('{{VIBE_PATH_URL}}/node_modules/@su-record/vibe/dist/infra/orchestrator/index.js').then(o => console.log(o.status().content[0].text))"
+```
+
+**Get result when ready:**
+```bash
+node -e "import('{{VIBE_PATH_URL}}/node_modules/@su-record/vibe/dist/infra/orchestrator/index.js').then(o => o.getResult('SESSION_ID').then(r => console.log(r.content[0].text)))"
+```
+
+### Phase Execution Flow (ULTRAWORK Pipeline)
+
+```
+Phase N Start
+    │
+    ├─→ [PARALLEL] Task(haiku) × 3: Exploration
+    │       - Related code analysis
+    │       - Dependency check
+    │       - Pattern discovery
+    │
+    ↓ (all complete)
+    │
+    ├─→ Opus: Synthesize and decide
+    │
+    ├─→ [PARALLEL PIPELINE] ←── KEY SPEED OPTIMIZATION
+    │       │
+    │       ├─→ Main: Task(sonnet) Implementation
+    │       │
+    │       └─→ Background (run_in_background=true):
+    │               ├─→ Task(haiku): Phase N+1 file analysis
+    │               ├─→ Task(haiku): Test case preparation
+    │               └─→ Task(haiku): Type/interface lookup
+    │
+    ↓ (main completes)
+    │
+    ├─→ Task(haiku): Tests (uses pre-generated cases)
+    │
+    ↓
+Phase N Complete
+    │
+    ↓ (Background results ready — NO WAIT for Phase N+1 exploration!)
+    │
+Phase N+1 Start (IMMEDIATE — exploration already done!)
+```
+
+**Speed Comparison:**
+
+| Mode | Phase Time | 5 Phases Total |
+|------|------------|----------------|
+| Sequential | ~2min/phase | ~10min |
+| Parallel Exploration | ~1.5min/phase | ~7.5min |
+| **ULTRAWORK Pipeline** | **~1min/phase** | **~5min** |
+
+**Why Pipeline is Faster:**
+- Background agents prepare next phase WHILE current phase implements
+- No idle time between phases
+- Test cases pre-generated during implementation
+- Cache stays warm across parallel tasks
+
+## Agent Teams
+
+### Dev Team (Full)
+
+> **팀 정의**: `agents/teams/dev-team.md` 참조
+> 설정: `CLAUDE_CODE_EXPERIMENTAL_AGENT_TEAMS=1` + `teammateMode: in-process`
+
+**활성화 조건:**
+- ULTRAWORK 모드 + 3개 이상 시나리오
+- 또는 복잡도 점수 20+ (High)
+
+### Lite Team (Normal Mode)
+
+> **팀 정의**: `agents/teams/lite-team.md` 참조
+
+**활성화 조건:**
+- 일반 모드 + 3개 이상 시나리오
+- 복잡도 점수 8-19 (Medium)
+- 단순 구현(1-2 파일, 시나리오 2개 이하)에서는 기존 병렬 모드 유지
+
+**팀 선택 기준:**
+
+| 조건 | 팀 |
+|------|-----|
+| 시나리오 1-2개, 파일 1-2개 | 기존 병렬 모드 (팀 없음) |
+| 시나리오 3개+, 일반 모드 | **Lite Team (3명)** |
+| ULTRAWORK 또는 복잡도 20+ | Dev Team Full (4명) |
+
+### Review Team
+
+> **팀 정의**: `agents/teams/review-debate-team.md` 참조
+
+**활성화 조건:**
+- `/vibe.review` 실행 후 P1 또는 P2 이슈 2개 이상 발견 시
+- Agent Teams 환경변수 활성화 상태
+
+### Debug Team
+
+> **팀 정의**: `agents/teams/debug-team.md` 참조
+
+**활성화 조건:**
+- 동일 빌드/테스트 실패 3회 이상
+- architecture-level uncertainty during review (stuck on root cause)
+
+### Research Team
+
+> **팀 정의**: `agents/teams/research-team.md` 참조
+
+**활성화 조건:**
+- `/vibe.spec` Step 3 리서치 단계
+- Agent Teams 환경변수 활성화 상태
+
+### Security Team
+
+> **팀 정의**: `agents/teams/security-team.md` 참조
+
+**활성화 조건:**
+- auth, payment, user-data, crypto 관련 파일 변경 감지 시
+- 또는 수동으로 `security` 키워드 지정 시
+
+### Migration Team
+
+> **팀 정의**: `agents/teams/migration-team.md` 참조
+
+**활성화 조건:**
+- package.json 주요 의존성 버전 변경 감지 시
+- 또는 수동으로 `migration` 키워드 지정 시
+
+### Fullstack Team
+
+> **팀 정의**: `agents/teams/fullstack-team.md` 참조
+
+**활성화 조건:**
+- SPEC에 frontend + backend 파일이 모두 포함된 경우
+- 또는 수동으로 `fullstack` 키워드 지정 시
+
+## External LLM Usage (When Enabled)
+
+When external LLMs are enabled in `.vibe/config.json`:
+
+| Role | Method | Condition |
+|------|--------|-----------|
+| User direct query | `gpt.question`, `antigravity.question` | Hook auto-handles |
+| Internal orchestration | Call global script via Bash | Claude calls directly |
+
+**Claude internal calls (directly via Bash):**
+```bash
+# [LLM_SCRIPT] = {{VIBE_PATH}}/hooks/scripts/llm-orchestrate.js
+
+# GPT call (short prompt - CLI arg)
+node "[LLM_SCRIPT]" gpt orchestrate-json "[question content]"
+
+# Antigravity call
+node "[LLM_SCRIPT]" antigravity orchestrate-json "[question content]"
+
+# Long prompt - use --input file (write JSON file first with Write tool)
+node "[LLM_SCRIPT]" gpt orchestrate-json --input "[SCRATCHPAD]/input.json"
+```
+
+### External LLM Fallback
+
+**When GPT/Antigravity hook fails, Claude MUST handle the task directly:**
+- Do NOT retry the external LLM call
+- Claude handles the task using its own capabilities
+- Continue with the implementation without interruption
+- Log the fallback but don't block progress
+
+## Codex Plugin Integration
+
+> **Codex 플러그인 감지**: 워크플로우 시작 시 아래 명령으로 자동 감지.
+
+```bash
+CODEX_AVAILABLE=$(node "{{VIBE_PATH}}/hooks/scripts/codex-detect.js" 2>/dev/null || echo "unavailable")
+```
+
+`available`이면 `/codex:rescue` (구현 위임), `/codex:review` (코드 리뷰) 자동 호출.
+
+**독립 시나리오 위임:**
+```
+/codex:rescue "Implement scenario: {scenario-name}. Files: {file-list}. Requirements: {requirements-summary}" --background
+```
+
+**위임 기준:**
+- 시나리오 간 파일 의존성 없음 (독립적)
+- 시나리오 복잡도 중간 이하
+- 의존성 있는 시나리오는 Claude가 직접 구현

package/skills/vibe.run/references/race-review.md

@@ -0,0 +1,272 @@
+# Race Code Review & Quality Gate — Full Reference
+
+> Loaded by vibe.run SKILL.md when Race Review (GPT+Antigravity), quality gate thresholds, or type safety details are needed.
+
+## Race Code Review (GPT + Antigravity) + Auto-Fix (v2.6.9)
+
+After all scenarios are implemented, **GPT and Antigravity review in parallel with cross-validation**:
+
+> **ULTRAWORK Default**: In ULTRAWORK mode, race review is automatically enabled.
+
+```
+━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
+RACE CODE REVIEW (GPT + Antigravity)
+━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
+
+[Step 1] Parallel review execution...
+  ├─ GPT Codex: Reviewing...
+  └─ Antigravity: Reviewing...
+
+[Step 2] Cross-validation results:
+  ┌──────────────────────────────────────────────────────────────────┐
+  │ Issue                          │ GPT │ Antigravity │ Codex │ Confidence│
+  │────────────────────────────────│─────│────────│───────│───────────│
+  │ Timing attack in password      │     │        │       │ 100% → P1 │
+  │ Rate limiting missing          │     │        │       │ 100% → P1 │
+  │ Magic number usage             │     │        │       │ 50% → P2  │
+  └──────────────────────────────────────────────────────────────────┘
+
+  Summary: 3 issues (P1: 2, P2: 1)
+
+[Step 3] Auto-fixing P1/P2 issues...
+  auth.service.ts:24 - Applied timingSafeEqual (P1)
+  auth.controller.ts:15 - Added rate limiter (P1)
+  auth.service.ts:42 - Extracted constant (P2)
+
+[Step 4] Re-verifying...
+  Build succeeded
+  Tests passed
+
+━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
+Race review complete! 3 improvements (2 P1, 1 P2)
+━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
+```
+
+## Race Review Invocation
+
+**Use --input file to avoid CLI argument length limits and Windows pipe issues.**
+
+1. Save code to review into `[SCRATCHPAD]/review-code.txt` (using Write tool)
+2. Write JSON input file `[SCRATCHPAD]/review-input.json` (using Write tool):
+   - `{"prompt": "Review this code for security, performance, and best practices. Return JSON: {issues: [{id, title, description, severity, suggestion}]}. Code: [CODE_CONTENT]"}`
+3. Script path: `[LLM_SCRIPT]` = `{{VIBE_PATH}}/hooks/scripts/llm-orchestrate.js`
+4. Run GPT + Antigravity in PARALLEL (two Bash tool calls at once):
+
+```bash
+# GPT review (Bash tool call 1)
+node "[LLM_SCRIPT]" gpt orchestrate-json --input "[SCRATCHPAD]/review-input.json"
+```
+
+```bash
+# Antigravity review (Bash tool call 2 - run in parallel)
+node "[LLM_SCRIPT]" antigravity orchestrate-json --input "[SCRATCHPAD]/review-input.json"
+```
+
+**Confidence-based Priority:**
+
+| Confidence | Priority | Action |
+|------------|----------|--------|
+| 100% (3/3 or 2/2) | P1 | Auto-fix immediately |
+| 67% (2/3) | P1 | Auto-fix immediately |
+| 50% (1/2) or 33% (1/3) | P2 | Auto-fix with review |
+
+**Fallback handling:**
+- If one LLM fails → Use remaining LLM results (reduced confidence)
+- If all fail → Skip and proceed (log warning)
+
+**Review application rules:**
+
+| Feedback Type | Action |
+|---------------|--------|
+| Security vulnerability (P1) | Auto-fix immediately |
+| Performance improvement (P1/P2) | Auto-fix immediately |
+| Best practices (P2) | Auto-fix |
+| Style/preference (P3) | Apply selectively |
+
+**Conditions:**
+- **ULTRAWORK**: Race review enabled by default
+- **Normal mode**: Use `--race` flag to enable
+- Must re-verify build/tests after fixes
+
+### Codex Code Review (Codex 플러그인 활성화 시)
+
+GPT+Antigravity race와 **동시에** Codex review 실행:
+
+```
+/codex:review
+```
+
+결과를 race review 교차 검증에 포함 — 3중 리뷰:
+
+```markdown
+| Issue | GPT | Antigravity | Codex | Confidence |
+|-------|-----|--------|-------|------------|
+| {이슈} | ✅/❌ | ✅/❌ | ✅/❌ | {%} |
+```
+
+## Implementation Quality Checklist
+
+Before marking any scenario as complete, ALL items must pass:
+
+| Category | Check Item | Weight |
+|----------|------------|--------|
+| **Functionality** | All Given/When/Then conditions verified | 20% |
+| **Functionality** | Edge cases handled per scenario | 10% |
+| **Code Quality** | No `any` types in TypeScript | 10% |
+| **Code Quality** | Functions ≤50 lines, nesting ≤3 levels | 10% |
+| **Code Quality** | No hardcoded values (use constants) | 5% |
+| **Security** | Input validation implemented | 10% |
+| **Security** | Authentication/authorization checked | 5% |
+| **Error Handling** | Try-catch or error states present | 10% |
+| **Error Handling** | User-friendly error messages | 5% |
+| **Testing** | Unit tests exist for core logic | 10% |
+| **Performance** | No N+1 queries or unnecessary loops | 5% |
+
+## Quality Score Calculation
+
+```
+Score = Σ(checked items × weight) / 100
+
+Grades:
+- 95-100: EXCELLENT - Ready to merge
+- 90-94:  GOOD - Minor improvements required before merge
+- 80-89:  FAIR - Significant improvements required
+- 0-79:   POOR - Major fixes needed
+```
+
+## Quality Gate Thresholds
+
+| Gate | Minimum Score | Condition |
+|------|---------------|-----------|
+| **Scenario Complete** | 95 | Each scenario must score ≥95 |
+| **Phase Complete** | 95 | Average of all scenarios ≥95 |
+| **Feature Complete** | 95 | All phases complete + Antigravity review |
+
+## Auto-Fix Triggers
+
+| Issue Type | Auto-Fix Action |
+|------------|-----------------|
+| Missing error handling | Add try-catch wrapper |
+| Hardcoded values | Extract to constants file |
+| Missing input validation | Add validation schema |
+| Function too long | Suggest split points |
+| N+1 query detected | Add eager loading |
+
+### Auto-Fix 실패 시 Codex Rescue (Codex 플러그인 활성화 시)
+
+P1 auto-fix가 **3회 실패** 시, Codex에 위임:
+
+```
+/codex:rescue "Fix P1 issue: {issue-description}. File: {file-path}. Error: {error-message}"
+```
+
+## Forbidden Patterns (Detected — Injected as additionalContext, Block at Commit Gate)
+
+> Detection results are injected as `additionalContext` into the model; commit-level blocking occurs via the auto-commit verify gate and pr-test-gate. These patterns do not block file edits directly.
+
+| Pattern | Why Forbidden | Detection |
+|---------|---------------|-----------|
+| `console.log` | Debug code in production | Regex scan |
+| `// TODO` without issue | Untracked work | Comment scan |
+| `any` type | Type safety bypass | TypeScript check |
+| `@ts-ignore` | Type error suppression | TypeScript check |
+| Empty catch blocks | Silent error swallowing | AST analysis |
+| Commented-out code | Dead code | Comment scan |
+
+## Type Safety — Language-Specific Guidelines
+
+### Universal Anti-Patterns (All Languages)
+
+| Forbidden Pattern | Why | Instead |
+|---------------------|-----|-----------|
+| Type escape hatches (`any`, `Any`, `Object`, `void*`, `interface{}`) | Loses type info, runtime errors | Concrete types or `unknown` + guards |
+| Type suppression (`@ts-ignore`, `# type: ignore`, `@SuppressWarnings`) | Hides errors | Fix actual type issues |
+| Raw generic types (`List`, `Map` without params) | Loses type safety | `List<User>`, `Map<String, Order>` |
+| Excessive casting (`as`, `(Type)`, `unsafe`) | Bypasses compiler | Type guards or pattern matching |
+
+### TypeScript/JavaScript
+
+```typescript
+// BAD
+function process(data: any): any { return data.foo; }
+
+// GOOD
+function process(data: unknown): Result {
+  if (isValidData(data)) return data.foo;
+  throw new Error('Invalid');
+}
+```
+
+### Python
+
+```python
+# BAD
+def process(data: Any) -> Any: return data["key"]
+
+# GOOD
+def process(data: UserData) -> str: return data["name"]
+```
+
+### Java/Kotlin
+
+```java
+// BAD
+List items = new ArrayList();  // Raw type
+
+// GOOD
+List<User> users = new ArrayList<>();
+```
+
+### Go
+
+```go
+// BAD
+func process(data interface{}) interface{} { ... }
+
+// GOOD
+func process(data UserRequest) (UserResponse, error) { ... }
+```
+
+### Rust
+
+```rust
+// BAD (unnecessary unsafe or Box<dyn Any>)
+let data: Box<dyn Any> = get_data();
+
+// GOOD
+let data: UserData = get_data()?;
+```
+
+### C\#
+
+```csharp
+// BAD
+object data = GetData();
+dynamic result = Process(data);
+
+// GOOD
+UserData data = GetData();
+Result result = Process(data);
+```
+
+### Type Safety Rules
+
+| Rule | Description |
+|------|-------------|
+| **Boundary Validation** | Validate only at system boundaries (API, JSON, user input) |
+| **Internal Trust** | After validation, pass only precise types internally |
+| **No Type Escape** | Never use escape hatches to "fix" type errors |
+| **Explicit Signatures** | Specify types in function/method signatures |
+| **Generics with Params** | Always use generics with type parameters |
+
+### Type Violations — Detection & Escalation
+
+> Type violations are detected by static analysis and injected as `additionalContext` for the model to act on. Commit-level enforcement occurs at the auto-commit verify gate.
+
+| Violation | Detection outcome |
+|-----------|--------|
+| Type escape hatches (`any`, `Any`, `Object`, `interface{}`, etc.) | Injected as P1 finding |
+| Type suppression comments | Injected as P1 finding |
+| Raw generic types | Injected as P1 finding |
+| Missing function return types | Injected as warning |
+| Excessive type casting | Injected as warning |