npm - @trac3er/oh-my-god - Versions diffs - 2.0.7 → 2.0.8 - Mend

@trac3er/oh-my-god 2.0.7 → 2.0.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (315) hide show

package/artifacts/release/dist/public/manifest.json CHANGED Viewed

@@ -1,11 +1,11 @@
 {
   "schema": "OmgCompiledArtifactManifest",
   "channel": "public",
-  "contract_version": "2.0.5",
+  "contract_version": "2.0.8",
   "artifacts": [
     {
       "path": "bundle/.agents/skills/omg/AGENTS.fragment.md",
-      "sha256": "57e36ddde11cbb98aa9010f9ef4f29529f777574e0b45f66536a387e7b75c85c"
+      "sha256": "0c6b1b74a746cabe933321d27541836a5526acda02da1131616dcb09c56101bc"
     },
     {
       "path": "bundle/.agents/skills/omg/algorithms/SKILL.md",
@@ -23,10 +23,22 @@
       "path": "bundle/.agents/skills/omg/api-twin/openai.yaml",
       "sha256": "8b711205c230c16695702b1eeeb426d844aa76a87c55f220298cdaf105ceee1d"
     },
+    {
+      "path": "bundle/.agents/skills/omg/claim-judge/SKILL.md",
+      "sha256": "cc65993357813c41fb81502de8781743e84e529088da19dbf8735e0a22f8519c"
+    },
+    {
+      "path": "bundle/.agents/skills/omg/claim-judge/openai.yaml",
+      "sha256": "b64dc801159a6e9adcd704326122f64c1bad7f71d87f22ada47918f7527151cc"
+    },
     {
       "path": "bundle/.agents/skills/omg/codex-mcp.toml",
       "sha256": "a56de208a369a2b318d2e66e150eef4cba1fac1ecf32bda6db1a1e4b65db7311"
     },
+    {
+      "path": "bundle/.agents/skills/omg/codex-rules.md",
+      "sha256": "939b128a1904e0d8b2b21208a308b558bcd51bd6c0de32e60e59d6744821e9d0"
+    },
     {
       "path": "bundle/.agents/skills/omg/control-plane/SKILL.md",
       "sha256": "fe281985ffbfb4d324d0ae421653c96d501bfda4ef1462865e2868276c40a3c2"
@@ -99,6 +111,14 @@
       "path": "bundle/.agents/skills/omg/mcp-fabric/openai.yaml",
       "sha256": "18dc35b4d6fb598b572ec933153e80de5449be9e07ef07178e4f875e39a8915c"
     },
+    {
+      "path": "bundle/.agents/skills/omg/plan-council/SKILL.md",
+      "sha256": "0c7e92cebcfbb22a4f267008b97947ae80f880906a5593e0bdc1baa60bb6c054"
+    },
+    {
+      "path": "bundle/.agents/skills/omg/plan-council/openai.yaml",
+      "sha256": "fee8d5ce4acc9cc03f5de73701bf0cfd866de7acaa1ff4c3cb518a47c1399a26"
+    },
     {
       "path": "bundle/.agents/skills/omg/preflight/SKILL.md",
       "sha256": "1f7783ff53f59a4368f1ec7746faa3f1a66805312291851f43ae2fe6a7d58f30"
@@ -107,6 +127,14 @@
       "path": "bundle/.agents/skills/omg/preflight/openai.yaml",
       "sha256": "1074dff95ae9f6951cdd9bb3d6b5c4add7d6a688b0ceed3d79d365dff42bfca6"
     },
+    {
+      "path": "bundle/.agents/skills/omg/proof-gate/SKILL.md",
+      "sha256": "9f6c58e6c8c8c967cfa276e7efe06d1cce8d964ffd0ce8e131794496614ec759"
+    },
+    {
+      "path": "bundle/.agents/skills/omg/proof-gate/openai.yaml",
+      "sha256": "5e9cac6f19099fc3ed6492551484570cabcba8b479cdee254721c05be296780d"
+    },
     {
       "path": "bundle/.agents/skills/omg/remote-supervisor/SKILL.md",
       "sha256": "506988d9eb379dad027ad1dd0087e81f12594faed16a91dbda021975de28e19f"
@@ -139,6 +167,14 @@
       "path": "bundle/.agents/skills/omg/security-check/openai.yaml",
       "sha256": "cf06bd8b852ad6c4694d8aeadd05ae4c9b63d32fa5cee085152683c65a3343e5"
     },
+    {
+      "path": "bundle/.agents/skills/omg/test-intent-lock/SKILL.md",
+      "sha256": "ec04b427841b40bc390db1403d52933c24c26b7d3cabb762e39ccc508f33127a"
+    },
+    {
+      "path": "bundle/.agents/skills/omg/test-intent-lock/openai.yaml",
+      "sha256": "57ee74b4a518afb6d524038fb461f20892f295c7bae74f223acfe51a8f645199"
+    },
     {
       "path": "bundle/.agents/skills/omg/tracebank/SKILL.md",
       "sha256": "c4ba5cbe7acca1be333f376f27f800482c1080eb8e95b34744313f1d64a84fcd"
@@ -157,99 +193,159 @@
     },
     {
       "path": "bundle/.claude-plugin/marketplace.json",
-      "sha256": "891da444ad4b69cb61eebf5b083fcc67937632c435c8028176422debee8e4887"
+      "sha256": "06549b994609245c5f13d6053f9049acce862c7a949f8ec63ce057b13206c0c4"
     },
     {
       "path": "bundle/.claude-plugin/plugin.json",
-      "sha256": "fe79af472d21bd47da149116ff1ed5c82b08c4bfd60b470e5d4faf6799f9abf7"
+      "sha256": "fe7531e0527d288413151433ee5daa3106383442024d5dad072373f8f26d57d1"
     },
     {
       "path": "bundle/.mcp.json",
-      "sha256": "d8249fdd26e0df0a9b7cabcb34256d7e33578e1d0e9878cc91d43452a10f7c24"
+      "sha256": "e16897732dbd20ba7f47e5c0513b146a8d847454c8c13aa9e0a6031e5a498fa4"
     },
     {
       "path": "bundle/OMG_COMPAT_CONTRACT.md",
-      "sha256": "fa7a4a16097b35170784e136f8ff9eae64c825a07f55413fb8fea3e7ab40c2e5"
+      "sha256": "4c628cf93698b051e183db0ddaa80dbdac7a3667071d048cba0f25419271e28d"
+    },
+    {
+      "path": "bundle/plugins/advanced/commands/OMG:code-review.md",
+      "sha256": "99ba9756586924d0ebdd43c4ca65f925b86f6c4bf6bc98d355f0cb9a17f9f6b0"
+    },
+    {
+      "path": "bundle/plugins/advanced/commands/OMG:deep-plan.md",
+      "sha256": "ccc235efa52643afd5550765bb0a3b9697be40bf4731392fde3f1c0e5c43f9e0"
+    },
+    {
+      "path": "bundle/plugins/advanced/commands/OMG:handoff.md",
+      "sha256": "eea0da517e14abb0a9bc6fe661f310a81c0282ff666803da4ae1be47fb597011"
+    },
+    {
+      "path": "bundle/plugins/advanced/commands/OMG:learn.md",
+      "sha256": "338f87222db65114f8c83de2185a21c7c2538832395524ac39ea38a0e09d73b3"
+    },
+    {
+      "path": "bundle/plugins/advanced/commands/OMG:maintainer.md",
+      "sha256": "1a29d4cb6839dd6de8c11b88b93a72fb9a371cfb7784bfe409d5e5ef0a825508"
+    },
+    {
+      "path": "bundle/plugins/advanced/commands/OMG:ralph-start.md",
+      "sha256": "31b2aded6032b5f061dbb7cd92dff53bbe3b527b9e9ba93d5043cad2847a6365"
+    },
+    {
+      "path": "bundle/plugins/advanced/commands/OMG:ralph-stop.md",
+      "sha256": "b43acad180bd205ddd78d42f1c7ecf315e521a0c345bf9d42b24d8c4d3913ce3"
+    },
+    {
+      "path": "bundle/plugins/advanced/commands/OMG:security-review.md",
+      "sha256": "f2a0e1a61b4110ac88202e2e5c166191867423235bf61030ef9cc082d964cc22"
+    },
+    {
+      "path": "bundle/plugins/advanced/commands/OMG:sequential-thinking.md",
+      "sha256": "1830de63009cb07c80cbcecf143f6df7560e7f031ac5b1d509b726d184e441da"
+    },
+    {
+      "path": "bundle/plugins/advanced/commands/OMG:ship.md",
+      "sha256": "3a44016f71a4d73de04043f0c13a6655541c090498908b2bc858c29514a653d4"
+    },
+    {
+      "path": "bundle/plugins/advanced/plugin.json",
+      "sha256": "4968387bae13eaf91792a0c845c28a5007eeefd04d09320b0d783d9563f1481b"
     },
     {
       "path": "bundle/registry/bundles/algorithms.yaml",
-      "sha256": "cc589c80d47ab2eb1bb2f142d462e40fc1c5f108e175360b40929326966de723"
+      "sha256": "d52c36a0c18535eab9f45b37b0e835b1296ee2dc0d84f2925c23eb8d76390377"
     },
     {
       "path": "bundle/registry/bundles/api-twin.yaml",
-      "sha256": "6952f8d45dbfa29afac88de0f110b2941804c4543dae4c0f5562cb876de376b7"
+      "sha256": "1785a09173a380855d8d671d2e8c53b48a0c10ed79dd2d5647cac93fd95ef072"
+    },
+    {
+      "path": "bundle/registry/bundles/claim-judge.yaml",
+      "sha256": "681d69599a20b8172716eaf4290e10821594c4db0a3943147d17628e997cafe9"
     },
     {
       "path": "bundle/registry/bundles/control-plane.yaml",
-      "sha256": "fc3ecec96e30a384d56917aaed36ebd39bbc6f545d22b26465e2aec8a1f9b85d"
+      "sha256": "8a1677d622d2f660b7d1109579f026bd078f97eb624669c618247451bd07f172"
     },
     {
       "path": "bundle/registry/bundles/data-lineage.yaml",
-      "sha256": "602a1906d976ff93beb961affd7b5f6d4dc6486cd960ad47aa2a2b6c65724585"
+      "sha256": "5811a8cf765c73dac6990bebc5a4eaadf5e4be5b9418846efdb6289903b3c5e0"
     },
     {
       "path": "bundle/registry/bundles/delta-classifier.yaml",
-      "sha256": "d08df8acb9713c58767a0c1a390fd35a61b7e1a290cfb13376a8f5517cbcc7f3"
+      "sha256": "ecf2e6fc8e07bc091d3d429c90b94b47ff0c96455467c82feae709bada388c29"
     },
     {
       "path": "bundle/registry/bundles/eval-gate.yaml",
-      "sha256": "c3de322fece33b91f503740f828e318264d0388d3403b98f09c2d73486a57b81"
+      "sha256": "3048cb1c18c3d7814c88689121e44bc54ce45e1478f33c395b247edc55727f76"
     },
     {
       "path": "bundle/registry/bundles/health.yaml",
-      "sha256": "3192a27f326656732fe83ed6e725366bc2c9bb7e5009de07b9097b864357383b"
+      "sha256": "7d52b0d460e4b72a37557b787ab328e5f6be03c313f2c3c58c2882b6c55168b4"
     },
     {
       "path": "bundle/registry/bundles/hook-governor.yaml",
-      "sha256": "ccb6edc43da2594eb93ad00abe3447879923f83067201d82927a942bb25f412d"
+      "sha256": "5e5d6bc3f2f8a8fc5f7a461c46b1d4f9a76467098b057e5796cc70280c21bc0d"
     },
     {
       "path": "bundle/registry/bundles/incident-replay.yaml",
-      "sha256": "aeaee69df8fdb8652707f3a228e4556e3a42a1487f4b77d33f47197370bd24a6"
+      "sha256": "af2480af08cbc2617f97561225f1b7dfa3f0d9897754c9e04dc9035655709772"
     },
     {
       "path": "bundle/registry/bundles/lsp-pack.yaml",
-      "sha256": "b0e6f74fd0b52cf37960defc3c9a0b66b722d98b7db15f6b1d4e11eae9a96707"
+      "sha256": "58963389f5c24eb88f3fef181ce8593733b856f8db75fad3f51c0006413a2381"
     },
     {
       "path": "bundle/registry/bundles/mcp-fabric.yaml",
-      "sha256": "40766fb1fed2fbd29ae029915d2c883f3c3f38157fa3c0d72018381c75df6e31"
+      "sha256": "d9d69f9a5b60c3eb2ffe59500696866f28deebb159aff9ccfc81468c4ba727c1"
+    },
+    {
+      "path": "bundle/registry/bundles/plan-council.yaml",
+      "sha256": "48ffc6d1549a4ce3d8a1a5fbb25fd37d7a6f7af0c1347315b7d2a66408627679"
     },
     {
       "path": "bundle/registry/bundles/preflight.yaml",
-      "sha256": "f12fd6b4aaa045141dcaaf62b51f5de7d31de2625f819ad368adc1a6e2010b18"
+      "sha256": "716a47105e52bfae5fa69e520c2b3f0fb1cde63872837e817cd364e97b9bac11"
+    },
+    {
+      "path": "bundle/registry/bundles/proof-gate.yaml",
+      "sha256": "f0cd5d3916405e30b84069cda4348a9ba8dd073c22b259c6619cf55ebe07cde9"
     },
     {
       "path": "bundle/registry/bundles/remote-supervisor.yaml",
-      "sha256": "ac727c3074ae4a95e66b7e023f38ad22c3ae903db8af079b8b66c83fad57e650"
+      "sha256": "21ca5c27c01ec958aa17df08cf567b72d254a7ece628b6ef51452ef41541f8f8"
     },
     {
       "path": "bundle/registry/bundles/robotics.yaml",
-      "sha256": "8748fdb84285c2131685626182ba86806d3cffecfe5c94c6438a791f983afd2b"
+      "sha256": "c169d765137b80347c0d18c4bb4b462ed1797a7e13eb9c86bec2d4c4f5b8a28c"
     },
     {
       "path": "bundle/registry/bundles/secure-worktree-pipeline.yaml",
-      "sha256": "f62b4d9daee055362e013883f86479d2ddc2b22f8a97be84342a1b2979b9d584"
+      "sha256": "31c80af3b2cf589c338c8690880e330dcd9481b3a15ecb3f964aa2c6212df7aa"
     },
     {
       "path": "bundle/registry/bundles/security-check.yaml",
-      "sha256": "768f412af9696b8c83320c4d1d92c0703ed553296bbf54aff9c0c387f7a86cf0"
+      "sha256": "b2b4d4ec168acee3891cd0d6230909a2ba1544ea60a3df7b24957fd57405c711"
+    },
+    {
+      "path": "bundle/registry/bundles/test-intent-lock.yaml",
+      "sha256": "73f8eda6d0af194b334fa92c218c27b54d203db62ce7d9f2bf1ae6f9441535a2"
     },
     {
       "path": "bundle/registry/bundles/tracebank.yaml",
-      "sha256": "500b996f7c55e652e9b4b677fefa472b49b4f61c052b7996738ed1389a575f3a"
+      "sha256": "1143e896f40d59f1732a0ce3260a620abec202b61c9e335ae6a2e1e58eda5893"
     },
     {
       "path": "bundle/registry/bundles/vision.yaml",
-      "sha256": "9f8b8be109d791954e6da97c0caed9234a58c15f1e9a189c445d0a55ec2591d8"
+      "sha256": "1d9903c943ad6c1ca4796125e97da1839b6f6c0bd3242919036df65dec5ae495"
     },
     {
       "path": "bundle/registry/omg-capability.schema.json",
-      "sha256": "f83f7b4cab70c93fe8decc6d691bc713609b415b3195c66733b925db3a389bf8"
+      "sha256": "486751cecb434c5f169189528ebe5c7ddddadcb0549abdd59f09e7b10844aba1"
     },
     {
       "path": "bundle/settings.json",
-      "sha256": "b19647f9a2037b67e186ae35d88c57b045bdabc65f5983e3534902ee25a5c2b9"
+      "sha256": "b9bb5303b8d0495cd9ef9933e5fef44b083587e745c7065be2007e197fde8f4b"
     }
   ]
 }

package/artifacts/release/plugins/advanced/commands/OMG:code-review.md ADDED Viewed

@@ -0,0 +1,114 @@
+---
+description: Deep code review — reads file completely, checks line-by-line for issues, then analyzes whole-file structure. Enforces code hygiene.
+allowed-tools: Read, Bash(cat:*), Bash(grep:*), Bash(wc:*), Bash(head:*), Bash(find:*), Bash(rg:*), Grep, Glob
+argument-hint: "[file path or 'recent' for git-changed files]"
+---
+# /OMG:code-review — Line-by-Line + Structural Review
+## Philosophy
+Two passes: LINE-BY-LINE precision, then WHOLE-FILE understanding.
+Don't just scan — READ and UNDERSTAND every line.
+## Step 1: Determine Scope
+- If file specified: review that file
+- If "recent" or no argument: review uncommitted changes
+  ```bash
+  git diff --name-only HEAD 2>/dev/null
+  git diff --cached --name-only 2>/dev/null
+  ```
+## Step 2: Read the FULL File First
+Read the ENTIRE file. Not just the changed part. Not just a function.
+Understanding comes from seeing the whole context.
+Note:
+- What does this file DO? (its purpose in the system)
+- What are its DEPENDENCIES? (imports, calls)
+- What does it EXPORT? (public API)
+## Step 3: Line-by-Line Scan
+For each line, check:
+**Correctness:**
+- Logic errors (off-by-one, null checks, type mismatches)
+- Missing error handling (unhandled promises, bare except, no null check)
+- Race conditions (shared state, async without await, unchecked concurrent access)
+**Security (if auth/payment/database):**
+- Hardcoded secrets → CRITICAL
+- SQL injection (string concatenation in queries) → CRITICAL
+- XSS (innerHTML, dangerouslySetInnerHTML) → HIGH
+- Missing input validation → MEDIUM
+- Overly permissive CORS/cookies → MEDIUM
+**Hygiene:**
+- Dead code (unused imports, variables, unreachable branches)
+- Noise comments ("increment i", "return result", "constructor")
+- console.log/print left in production code
+- TODO/FIXME/HACK without tracking
+- Overly complex functions (>40 lines → suggest extract)
+- Duplicated logic (same pattern in 2+ places → suggest DRY)
+## Step 4: Whole-File Structure Analysis
+After line-by-line:
+- Does the file do ONE thing well, or is it a dumping ground?
+- Are functions ordered logically? (public first, helpers after, or lifecycle order)
+- Is naming consistent? (camelCase throughout? PascalCase for classes?)
+- Does it follow the project's domain pattern? (check .omg/knowledge/domain-patterns/)
+- Any circular dependencies?
+- Is error handling consistent across all functions?
+## Step 5: Report
+```
+Code Review — [file]
+━━━━━━━━━━━━━━━━━━━━
+Structure: [CLEAN | NEEDS_WORK | MESSY]
+Security:  [SAFE | REVIEW_NEEDED | CRITICAL]
+Hygiene:   [CLEAN | NEEDS_CLEANUP]
+Issues:
+  [line:col] CRITICAL: [description]
+  [line:col] HIGH: [description]
+  [line:col] MEDIUM: [description]
+  [line:col] LOW: [description]
+Dead Code:
+  [line] unused import: [name]
+  [line] unreachable after return
+Noise Comments (remove these):
+  [line] "// increment counter"
+  [line] "// return the value"
+Structural:
+  - [function] is [N] lines — consider extracting [suggestion]
+  - [pattern] duplicated at lines [X] and [Y]
+Recommendation: [summary of what to fix, in priority order]
+```
+## Step 6: For Security-Critical Files
+If the file touches auth, payment, or database:
+```
+/OMG:escalate codex "Line-by-line security review of [file]. Check:
+1. Every input validation point
+2. Every database query for injection
+3. Every auth check for bypass
+4. Every secret reference for hardcoding
+Report: line numbers + severity + fix suggestion"
+```
+## Anti-patterns
+- DON'T skim and say "looks good" — read every line
+- DON'T only check the diff — read the full file for context
+- DON'T ignore test files — they can have real issues too
+- DON'T add more noise comments as "fixes" — remove them instead
+- DON'T suggest unnecessary code as improvements

package/artifacts/release/plugins/advanced/commands/OMG:deep-plan.md ADDED Viewed

@@ -0,0 +1,266 @@
+---
+description: Deep strategic planning — understands user direction, asks smart questions, creates comprehensive plan with domain awareness
+allowed-tools: Read, Write, Edit, MultiEdit, Bash(find:*), Bash(cat:*), Bash(git:*), Bash(wc:*), Bash(tree:*), Bash(mkdir:*), Bash(tee:*), Grep, Glob
+argument-hint: "[feature or goal to plan]"
+---
+# /OMG:deep-plan — Strategic Planning with Direction Understanding
+## Philosophy
+Regular planning = "what steps to take."
+Deep planning = "understand WHY the user wants this, WHAT direction they're heading, and HOW it fits the bigger picture."
+This command is the public compatibility path to the canonical `plan-council` bundle.
+Users invoke `/OMG:deep-plan`; the runtime routes to `plan-council` for execution.
+## Step 1: Direction Discovery (MANDATORY)
+Do not assume goals, constraints, or context. Extract direction from:
+- user prompt
+- `.omg/state/handoff.md`
+- `.omg/state/ledger/failure-tracker.json`
+- current repo structure and patterns
+Before planning anything, understand:
+1. **User's real goal** — Often the stated request is one step toward something bigger. Ask: "What's the end state you're imagining?"
+2. **User's constraints** — Time, budget, existing code, team preferences, tech stack decisions already made.
+3. **User's domain knowledge** — Are they expert in this domain (follow their lead) or exploring (guide them)?
+4. **What they've already tried** — Check .omg/state/handoff.md, failure-tracker.json, git log.
+If direction is still ambiguous after repo exploration, ask only minimal focused questions.
+Examples of BAD questions: "What framework do you want?" "What's your deadline?"
+Examples of GOOD questions:
+- "I see you have a Stripe integration started in /src/payment/. Are you building on that, or replacing it?"
+- "Your auth uses JWT in cookies. Should the new feature respect that pattern, or are you migrating to sessions?"
+- "The DB schema has 3 user types. Does this feature apply to all of them or just one?"
+## Step 2: Map the Domain
+Read the codebase to understand the CURRENT state:
+```bash
+# Directory structure
+find . -type f -name "*.ts" -o -name "*.py" -o -name "*.go" | head -50
+# Key architectural patterns
+grep -rn "export class\|export function\|def \|func \|struct " src/ --include="*.{ts,py,go}" | head -30
+# Existing domain boundaries
+ls -la src/*/  # or app/*/ or packages/*/
+# Data flow
+grep -rn "import.*from\|require(" src/ --include="*.{ts,js}" | head -20
+```
+If DDD reference patterns exist (see .omg/knowledge/ or existing domain modules):
+- Read the reference domain FIRST
+- Plan the new feature to MATCH the pattern
+- Note any intentional deviations with WHY
+## Step 3: Create the Deep Plan (Plan Council Artifacts)
+Generate the canonical `plan-council` artifacts. Use Bash heredoc to write these files.
+Required artifacts: `.omg/plans/deep-plan.md`, `.omg/plans/deep-plan.json`, `.omg/plans/dissent.json`, `.omg/evidence/plan-council.json`.
+### Artifact 1: `.omg/plans/deep-plan.md` (Human-readable)
+```markdown
+# Deep Plan: [Feature Name]
+Created: [date]
+CHANGE_BUDGET=[small|medium|large]
+## Direction
+[1-2 sentences: what the user is building toward, not just this task]
+## Domain Context
+Reference pattern: [file/module that sets the pattern]
+Bounded contexts affected: [list]
+Key interfaces: [list the interfaces/types this touches]
+## Architecture Decisions
+- [Decision]: [chosen approach] because [reason]
+  Alternatives considered: [what was rejected and why]
+## Implementation Plan
+### Phase 1: Foundation [N files, ~M lines]
+1. [ ] [specific action] — [file] — [what and why]
+2. [ ] [specific action] — [file]
+### Phase 2: Core Logic [N files, ~M lines]
+3. [ ] [specific action]
+4. [ ] [specific action]
+### Phase 3: Integration + Verification [N files, ~M lines]
+5. [ ] [specific action]
+6. [ ] Verification: /OMG:security-check [affected files]
+### Phase 4: Verification
+7. [ ] Tests: [what to test, how]
+8. [ ] Edge cases: [list]
+9. [ ] Manual verification: [steps]
+## Risk Map
+- [Risk]: [mitigation]
+- [Risk]: [mitigation]
+## What NOT to Do
+- [Anti-pattern specific to this feature]
+- [Approach that looks tempting but will fail because...]
+## Files to Read Before Starting
+1. [file] — [why: contains the reference pattern]
+2. [file] — [why: defines the interface this must implement]
+## Plan Council Requirements
+### Assumptions
+List your assumptions below:
+- [Assumption 1]
+- [Assumption 2]
+### Objections and Dissent
+Record any objections or dissent:
+- [Dissent 1]
+- [Dissent 2]
+### Rollback Plan
+Define the rollback plan:
+- [Step 1 to revert]
+- [Step 2 to revert]
+### Verification Commands
+List the verification commands:
+- [Command 1]
+- [Command 2]
+### Evidence Requirements
+Define the evidence requirements:
+- [Requirement 1]
+- [Requirement 2]
+### What would falsify this plan?
+Define what would falsify this plan:
+- [Condition 1]
+- [Condition 2]
+```
+### Artifact 2: `.omg/plans/deep-plan.json` (Machine-readable)
+Include the full task plan, workflow stages, and metadata.
+### Artifact 3: `.omg/plans/dissent.json` (Dissent log)
+Record all objections, risks, and counter-arguments raised during planning.
+### Artifact 4: `.omg/evidence/plan-council.json` (Planning evidence)
+Record the planning process evidence, including tool outputs and validation results.
+## Step 4: Present and Iterate
+Show the plan to the user. Ask:
+- "Does this match the direction you're thinking?"
+- "Anything I'm missing about your goals?"
+- "Should I adjust the scope or priority?"
+Update the plan based on feedback BEFORE starting implementation.
+## Step 4.5: Codex Plan Validation (MANDATORY)
+Before implementation, run a dedicated Codex validation pass on the final plan.
+Checklist for Codex validation:
+- ordering and dependency correctness
+- hidden edge cases and rollback gaps
+- security/performance blind spots
+- missing verification steps
+Only after applying those corrections, continue to execution.
+## Step 4.6: Multi-Agent Bootstrap (MANDATORY)
+After validation, launch exactly 5 planning tracks with mixed-model intent using OMG-native routing (same planning discipline as OMG):
+1. Architect track (Claude)
+2. Backend track (GPT/Codex)
+3. Frontend track (Gemini)
+4. Security track (GPT/Codex)
+5. Verification track (Claude)
+Dispatch pattern is mandatory: all 5 tracks launch in parallel as background sub-agents.
+```python
+task(subagent_type="explore", run_in_background=true, load_skills=[], description="Architect planning track", prompt="...")
+task(subagent_type="explore", run_in_background=true, load_skills=[], description="Backend planning track", prompt="...")
+task(subagent_type="explore", run_in_background=true, load_skills=[], description="Frontend planning track", prompt="...")
+task(subagent_type="explore", run_in_background=true, load_skills=[], description="Security planning track", prompt="...")
+task(subagent_type="explore", run_in_background=true, load_skills=[], description="Verification planning track", prompt="...")
+```
+Collection and merge protocol:
+- collect every track using `background_output(task_id="...")`
+- run a `sequential-thinking` merge pass to resolve conflicts and ordering
+- emit one final executable checklist only after the merge pass
+Each track must return:
+- concrete plan steps
+- risk notes
+- verification commands
+Then merge outputs into a single execution checklist before implementation.
+## Step 5: Generate Checklist
+Convert the plan into `.omg/state/_checklist.md` with concrete steps.
+Each step should be completable in ONE tool interaction (not "implement the feature").
+## Step 5.5: Business Workflow Contract (MANDATORY)
+Deep-plan owns the business-style delivery workflow and task-plan contract.
+Always generate a normalized workflow path and task plan directly from user instructions:
+- canonical stages: `plan -> implement -> qa -> simulate -> final_test -> production`
+- accepted user path keys: `workflow`, `path`, `delivery_path`, `workflow_path`
+- accepted stage aliases:
+  - `planning -> plan`
+  - `implementation|build -> implement`
+  - `quality|quality_assurance -> qa`
+  - `testing|test -> final_test`
+  - `prod|deploy -> production`
+Rules:
+1. If user provides a partial path, keep user order and append missing canonical stages.
+2. If user provides no path, use the full canonical path.
+3. Build tasks from:
+   - `user_instructions[]` (source of truth for requested workflow)
+   - `constraints[]` (delivery boundaries)
+   - `acceptance[]` (final test criteria)
+4. Include stage readiness for production handoff:
+   - `production=ready` only when QA/simulation/final_test gates pass.
+Persist this contract into planning artifacts:
+- `.omg/plans/deep-plan.md` (human-readable plan)
+- `.omg/plans/deep-plan.json` (machine-readable plan)
+- include structured task metadata in the plan output (`stage`, `title`, `detail`, `source`).
+## Integration with DDD
+If this is a new domain:
+1. Ask the user to write (or help write) the first domain reference
+2. Extract the pattern: naming convention, data flow, error handling style
+3. Document the pattern in .omg/knowledge/domain-patterns/[name].md
+4. Use the pattern for ALL subsequent domains
+## Idea-as-Code Contract (required)
+Before leaving planning, ensure `.omg/idea.yml` exists with:
+- `goal`
+- `constraints[]`
+- `acceptance[]`
+- `risk.security[]|risk.performance[]|risk.compatibility[]`
+- `evidence_required.tests[]|security_scans[]|reproducibility[]`
+If missing, scaffold from template and fill from the conversation.
+## Anti-patterns
+- Don't plan in your head and dump a wall of text — INTERACT with the user
+- Don't make architecture decisions without checking existing patterns
+- Don't create a plan with vague steps like "implement feature" — be specific
+- Don't skip the Direction step — it's the difference between useful and useless