@trieungoctam/speckit 0.2.2 → 0.3.1

package/README.md

@@ -4,15 +4,27 @@ Speckit is a local-first Agile + TDD workflow compiler for agentic IDEs. It turn
 
 Speckit owns the workflow contract and generates adapters for the tools you already use. The public product vocabulary is Speckit-only: Agile shaping, TDD execution, task graph triage, and IDE adapter compilation.
 
+Speckit also ships a portable skill catalog and super-agent router. IDE-specific agents read `.speckit/agents/super-agent.md` and `.speckit/skills/catalog.md` first, then load only the focused skill needed for the current phase.
+
+The curated skill set is intentionally small: `spec-shape`, `spec-research`, `spec-plan`, `spec-context`, `spec-graph`, `spec-session`, `spec-tdd`, `spec-test`, `spec-debug`, `spec-review`, `spec-docs`, and `spec-ship`. These are adapted from proven orchestration patterns without importing a broad domain-specific catalog.
+
 ## Quickstart
 
 ```bash
+npx @trieungoctam/speckit@latest init --ide cursor
 npx @trieungoctam/speckit@latest init --ide all
 npx @trieungoctam/speckit@latest init --enterprise --ide all
+npx @trieungoctam/speckit@latest memory refresh
+npx @trieungoctam/speckit@latest session start "Add checkout validation"
 npx @trieungoctam/speckit@latest quick "Add checkout validation"
 npx @trieungoctam/speckit@latest context .speckit/stories/<story>.md
 npx @trieungoctam/speckit@latest sync
+npx @trieungoctam/speckit@latest sprint plan
+npx @trieungoctam/speckit@latest graph triage --json
+npx @trieungoctam/speckit@latest validate --json
+npx @trieungoctam/speckit@latest permissions audit --path .env --json
 npx @trieungoctam/speckit@latest ready .speckit/stories/<story>.md
+npx @trieungoctam/speckit@latest session checkpoint --note "red complete"
 npx @trieungoctam/speckit@latest review
 ```
 
@@ -29,16 +41,22 @@ speckit doctor
 ```text
 intent
   -> start session
+  -> super agent routing
+  -> refresh project memory
   -> shape
   -> plan
+  -> sprint plan
   -> context
   -> story with acceptance criteria
-  -> sync / triage
+  -> sync / graph triage
   -> readiness gate
   -> red test evidence
+  -> session checkpoint
   -> minimal implementation
   -> green test evidence
+  -> session checkpoint
   -> refactor validation
+  -> session compact
   -> review
 ```
 
@@ -48,19 +66,32 @@ For implementation stories, red-green-refactor evidence is mandatory. A story is
 
 | Command | Purpose |
 | --- | --- |
-| `speckit init` | Create `.speckit/` core rules and all IDE adapters. |
-| `speckit init --enterprise` | Add flow, tool policy, and prompt harness files. |
-| `speckit init --ide <name>` | Generate one adapter: `claude-code`, `codex`, `antigravity`, `opencode`, or `cursor`. |
+| `speckit init` | Create `.speckit/` core runtime, super-agent, skill catalog, and all IDE adapters. |
+| `speckit init --enterprise` | Add flow, tool policy, and prompt harness files on top of the shared runtime. |
+| `speckit init --ide <name>` | Generate shared Speckit runtime plus one adapter: `claude-code`, `codex`, `antigravity`, `opencode`, or `cursor`. |
 | `speckit doctor` | Report required tools, optional integrations, test commands, and adapter readiness. |
-| `speckit doctor --deep` | Verify core enterprise harness files. |
+| `speckit doctor --deep` | Verify core enterprise harness files and workflow contract checks. |
+| `speckit validate` | Validate flow order, core skills, super-agent routing, prompts, and installed adapter contracts. |
 | `speckit start "<idea>"` | Create a durable session handoff and current context. |
+| `speckit memory refresh` | Create durable project memory files for long-running agent work. |
+| `speckit permissions audit` | Check a path or command against the Speckit permission policy. |
+| `speckit session start` | Create or resume the active session state. |
+| `speckit session checkpoint` | Append a long-session checkpoint and artifact log entry. |
+| `speckit session compact` | Create an anchored summary for resume or handoff. |
+| `speckit session resume` | Mark a session as active and print its handoff path. |
+| `speckit session status` | Print active session state paths. |
 | `speckit shape "<intent>"` | Create a short spec contract. |
 | `speckit context <story>` | Build the current implementation context from a story. |
 | `speckit quick "<intent>"` | Create one story plus matching TDD evidence file. |
 | `speckit plan "<intent>"` | Create PRD, architecture, story, and evidence skeletons. |
 | `speckit triage` | Summarize synced story state without interactive graph commands. |
 | `speckit next` | Safely wraps `bv --robot-next --format json`. |
-| `speckit sync` | Export Speckit stories as beads-compatible JSONL metadata. |
+| `speckit sprint plan` | Build a sprint plan and status file from synced stories. |
+| `speckit sprint next` | Pick the next selectable story from sprint state. |
+| `speckit graph triage` | Run Beads Viewer robot triage, or local JSON fallback if `bv` is missing. |
+| `speckit graph plan` | Run Beads Viewer robot plan, or local JSON fallback if `bv` is missing. |
+| `speckit graph insights` | Run Beads Viewer robot insights, or local JSON fallback if `bv` is missing. |
+| `speckit sync` | Export Speckit stories as `.speckit/sync/beads-sync.jsonl` and prepare `.beads/beads.jsonl` for Beads Viewer. |
 | `speckit ready <story>` | Validate story status, context, evidence, graph sync, and safety policy before implementation. |
 | `speckit run <story>` | Print the TDD execution handoff for a story. |
 | `speckit review` | Print the review checklist and current diff summary. |
@@ -78,6 +109,12 @@ Speckit generates native instruction/config files for:
 
 See `docs/adapters.md` for exact output paths.
 
+## Guides
+
+- `docs/use-cases.md` covers setup, migration, quick changes, full planning, long sessions, TDD, graph automation, review, CI, and troubleshooting.
+- `docs/workflow-model.md` describes the quick and full workflow lanes.
+- `docs/spec-quality-gates.md` describes validation gates for release readiness.
+
 ## Validation
 
 ```bash

package/dist/adapters/antigravity-adapter.js

@@ -12,12 +12,12 @@ export const antigravityAdapter = {
     ],
     render() {
         return [
-            rule("agile", "Follow Speckit Agile: shape intent, read .speckit/context/current.md, create stories with ACs, preserve session handoff, and emit artifacts for review."),
-            rule("tdd", "For code changes, use TDD: confirm acceptance criteria, use red-green-refactor, and record evidence for each step."),
+            rule("agile", "Follow Speckit Agile: shape intent, read .speckit/agents/super-agent.md, .speckit/skills/catalog.md, .speckit/memory/project-context.md, .speckit/sessions/active.md, and .speckit/context/current.md, create stories with ACs, preserve session handoff, and emit artifacts for review."),
+            rule("tdd", "For code changes, use TDD: confirm acceptance criteria, use red-green-refactor, checkpoint each boundary, compact before handoff, and record evidence for each step."),
             rule("enterprise-safety", "Require human approval for destructive commands, production changes, secrets access, and deployment."),
             workflow("plan", "Create a Speckit plan artifact with PRD, architecture, stories, risks, dependencies, and graph sync notes."),
-            workflow("tdd-run", "Run a story with TDD from .speckit/context/current.md and .speckit/context/subagent-handoff.md. Require speckit ready <story> first. Emit artifact sections: Test Intent, Red, Green, Refactor. Use only robot-safe graph commands."),
-            workflow("review", "Review the produced artifacts and code diff. Flag AC gaps, TDD gaps, security issues, docs needs, and session handoff gaps."),
+            workflow("tdd-run", "Run a story with TDD from the Speckit super agent router, skill catalog, .speckit/memory/project-context.md, .speckit/context/current.md, .speckit/context/subagent-handoff.md, and active session summary. Require speckit ready <story> first. Emit artifact sections: Test Intent, Red, Green, Refactor. Use only robot-safe graph commands."),
+            workflow("review", "Review the produced artifacts and code diff. Flag AC gaps, TDD gaps, security issues, docs needs, session checkpoint freshness, and session handoff gaps."),
         ];
     },
 };

package/dist/adapters/claude-code-adapter.js

@@ -1,5 +1,5 @@
 import { json, markdown } from "../core/managed-files.js";
-const skillIntro = `Follow Speckit: Agile story flow plus mandatory TDD evidence. Read .speckit/context/current.md first, preserve session handoff, use red-green-refactor, and use robot-safe graph commands only.`;
+const skillIntro = `Follow Speckit: Agile story flow plus mandatory TDD evidence. Read .speckit/memory/project-context.md, .speckit/context/current.md, and active session summary first. Preserve session handoff, checkpoint long work, use red-green-refactor, and use robot-safe graph commands only.`;
 export const claudeCodeAdapter = {
     name: "claude-code",
     displayName: "Claude Code",
@@ -21,8 +21,10 @@ Use Speckit for Agile + TDD work.
 - Start from \`.speckit/rules/agile-policy.md\`.
 - For implementation, follow \`.speckit/rules/tdd-policy.md\`.
 - For safety, follow \`.speckit/rules/enterprise-safety.md\`.
-- Prefer \`speckit start\`, \`speckit context\`, \`speckit sync\`, \`speckit triage\`, \`speckit run\`, and \`speckit review\` over ad hoc prompts.
+- Prefer \`speckit start\`, \`speckit memory refresh\`, \`speckit session checkpoint\`, \`speckit context\`, \`speckit sync\`, \`speckit graph triage\`, \`speckit run\`, and \`speckit review\` over ad hoc prompts.
+- Read \`.speckit/agents/super-agent.md\`, \`.speckit/skills/catalog.md\`, \`.speckit/memory/project-context.md\`, and \`.speckit/sessions/active.md\` before long-running work.
 - Run \`speckit ready <story>\` before implementation; story status must be \`ready-for-dev\` and context status must be \`fresh\`.
+- Run \`speckit session compact\` before context gets noisy or before handoff.
 - For code stories, confirm acceptance criteria and record red-green-refactor evidence before handoff.
 - Never run bare \`bv\`; use robot flags such as \`bv --robot-next --format json\`.
 `),
@@ -32,13 +34,29 @@ Use Speckit for Agile + TDD work.
                 content: json({
                     permissions: {
                         defaultMode: "ask",
+                        deny: [
+                            "Read(.env*)",
+                            "Read(**/*.pem)",
+                            "Read(**/*.key)",
+                            "Read(**/id_rsa)",
+                            "Read(**/id_ed25519)",
+                            "Write(.env*)",
+                            "Write(**/*.pem)",
+                            "Write(**/*.key)",
+                            "Bash(rm -rf*)",
+                            "Bash(git reset --hard*)",
+                            "Bash(git clean -fd*)",
+                            "Bash(git push --force*)",
+                            "Bash(sudo *)",
+                        ],
+                        ask: ["Bash(git push*)", "Bash(npm publish*)", "Bash(* deploy*)"],
                     },
                     includeCoAuthoredBy: false,
                 }),
             },
-            skill("speckit-plan", "Create or update a Speckit Agile plan.", "Read `.speckit/workflows/shape.md`, preserve the session id, then create PRD, architecture, and story artifacts with acceptance criteria."),
-            skill("speckit-tdd", "Execute a Speckit story with TDD.", "Read `.speckit/context/current.md`, `.speckit/context/subagent-handoff.md`, and `.speckit/workflows/tdd-run.md`. Do not implement before `speckit ready <story>` passes, test intent is clear, and red evidence is recorded."),
-            skill("speckit-review", "Review a Speckit change.", "Read `.speckit/workflows/review.md`. Prioritize AC coverage, TDD evidence gaps, security, docs impact, and graph sync status."),
+            skill("speckit-plan", "Create or update a Speckit Agile plan.", "Read `.speckit/agents/super-agent.md`, `.speckit/skills/catalog.md`, and `.speckit/workflows/shape.md`, preserve the session id, then create PRD, architecture, and story artifacts with acceptance criteria."),
+            skill("speckit-tdd", "Execute a Speckit story with TDD.", "Read `.speckit/memory/project-context.md`, `.speckit/context/current.md`, `.speckit/context/subagent-handoff.md`, active session summary, and `.speckit/workflows/tdd-run.md`. Do not implement before `speckit ready <story>` passes, test intent is clear, and red evidence is recorded. Checkpoint after red, green, and refactor."),
+            skill("speckit-review", "Review a Speckit change.", "Read `.speckit/workflows/review.md` and the active session artifact log. Prioritize AC coverage, TDD evidence gaps, security, docs impact, session checkpoint freshness, and graph sync status."),
         ];
     },
 };

package/dist/adapters/codex-adapter.js

@@ -19,8 +19,10 @@ This repository uses Speckit: Agile + TDD for agentic development.
 
 Rules:
 - Shape intent before implementation.
+- Read \`.speckit/agents/super-agent.md\`, \`.speckit/skills/catalog.md\`, \`.speckit/memory/project-context.md\`, and \`.speckit/sessions/active.md\` before long-running work.
 - Read \`.speckit/context/current.md\` before running code changes.
 - Run \`speckit ready <story>\` before implementation; story status must be \`ready-for-dev\` and context status must be \`fresh\`.
+- Use \`speckit session checkpoint\` at red, green, refactor, and review boundaries; use \`speckit session compact\` before handoff.
 - For code stories, write test intent and capture red/green/refactor evidence.
 - Never call bare \`bv\`; use \`bv --robot-*\`.
 - Do not weaken approval or sandbox settings.
@@ -32,6 +34,8 @@ Rules:
                 content: text(`model = "gpt-5.4"
 approval_policy = "on-request"
 sandbox_mode = "workspace-write"
+allowed_approval_policies = ["untrusted", "on-request"]
+allowed_sandbox_modes = ["read-only", "workspace-write"]
 
 [tools]
 web_search = true
@@ -39,9 +43,9 @@ web_search = true
 [features]
 child_agents_md = true`),
             },
-            prompt("plan", "Create a Speckit plan from the user intent. Preserve session context, include PRD, architecture, stories, ACs, TDD checklist, risks, and graph sync notes."),
-            prompt("tdd-run", "Execute the selected Speckit story using .speckit/context/current.md, .speckit/context/subagent-handoff.md, and red-green-refactor. Require speckit ready <story>, confirm ACs, record command evidence, and use only robot-safe graph commands."),
-            prompt("review", "Review the current diff against Speckit ACs, TDD evidence, security, docs impact, session handoff, and graph sync status."),
+            prompt("plan", "Create a Speckit plan from the user intent. Use the Speckit super agent router and skill catalog. Preserve session context, project memory, PRD, architecture, stories, ACs, TDD checklist, risks, and graph sync notes."),
+            prompt("tdd-run", "Execute the selected Speckit story using .speckit/memory/project-context.md, .speckit/context/current.md, .speckit/context/subagent-handoff.md, active session summary, and red-green-refactor. Require speckit ready <story>, confirm ACs, checkpoint each boundary, record command evidence, and use only robot-safe graph commands."),
+            prompt("review", "Review the current diff against Speckit ACs, TDD evidence, security, docs impact, session handoff, session checkpoint freshness, and graph sync status."),
         ];
     },
 };

package/dist/adapters/cursor-adapter.js

@@ -8,13 +8,14 @@ export const cursorAdapter = {
         ".cursor/rules/speckit-review.mdc",
         ".cursor/rules/speckit-enterprise-safety.mdc",
         ".cursor/mcp.json",
+        ".cursor/cli.json",
         "AGENTS.md",
     ],
     render() {
         return [
-            rule("agile", "alwaysApply: true", "Use Speckit Agile flow. Read .speckit/context/current.md and .speckit/context/subagent-handoff.md, preserve session handoff, create stories with ACs, and keep work scoped."),
-            rule("tdd", "description: Apply when implementing or modifying code", "Use red-green-refactor. Run speckit ready <story>, confirm acceptance criteria, and record TDD evidence before review-ready."),
-            rule("review", "description: Apply when reviewing code or preparing a PR", "Review AC coverage, TDD evidence, security, docs impact, and graph sync status."),
+            rule("agile", "alwaysApply: true", "Use Speckit Agile flow. Read .speckit/agents/super-agent.md, .speckit/skills/catalog.md, .speckit/memory/project-context.md, .speckit/sessions/active.md, .speckit/context/current.md, and .speckit/context/subagent-handoff.md. Preserve session handoff, create stories with ACs, and keep work scoped."),
+            rule("tdd", "description: Apply when implementing or modifying code", "Use red-green-refactor. Run speckit ready <story>, confirm acceptance criteria, checkpoint each TDD boundary, and record TDD evidence before review-ready."),
+            rule("review", "description: Apply when reviewing code or preparing a PR", "Review AC coverage, TDD evidence, security, docs impact, session checkpoint freshness, and graph sync status."),
             rule("enterprise-safety", "alwaysApply: true", "Do not expose secrets. Ask before destructive commands, deployment, or production changes."),
             {
                 path: ".cursor/mcp.json",
@@ -22,6 +23,28 @@ export const cursorAdapter = {
                     mcpServers: {},
                 }),
             },
+            {
+                path: ".cursor/cli.json",
+                content: json({
+                    permissions: {
+                        allow: ["Shell(git)", "Shell(npm)", "Shell(node)", "Read(.speckit/**)", "Read(src/**)", "Read(tests/**)"],
+                        deny: [
+                            "Read(.env*)",
+                            "Read(**/*.pem)",
+                            "Read(**/*.key)",
+                            "Read(**/id_rsa)",
+                            "Read(**/id_ed25519)",
+                            "Write(.env*)",
+                            "Write(**/*.pem)",
+                            "Write(**/*.key)",
+                            "Shell(rm)",
+                            "Shell(sudo)",
+                            "Shell(chmod)",
+                            "Shell(chown)",
+                        ],
+                    },
+                }),
+            },
             {
                 path: "AGENTS.md",
                 content: markdown(`# Speckit Agent Instructions
@@ -30,9 +53,13 @@ Use Speckit for Agile + TDD work. Cursor-specific rules live in \`.cursor/rules/
 
 - Follow \`.speckit/rules/agile-policy.md\`.
 - Follow \`.speckit/rules/tdd-policy.md\` for code stories.
+- Read \`.speckit/agents/super-agent.md\` and \`.speckit/skills/catalog.md\` before selecting an execution mode.
+- Read \`.speckit/memory/project-context.md\` before long-running work.
+- Read \`.speckit/sessions/active.md\` before resuming or compacting work.
 - Read \`.speckit/context/current.md\` before implementation work.
 - Read \`.speckit/context/subagent-handoff.md\` before implementation work.
 - Run \`speckit ready <story>\` before code changes.
+- Run \`speckit session checkpoint\` at task boundaries and \`speckit session compact\` before handoff.
 - Never run bare \`bv\`; use robot commands only.
 `),
             },

package/dist/adapters/opencode-adapter.js

@@ -53,7 +53,7 @@ permission: ${JSON.stringify(permission)}
 # speckit-${name}
 
 Follow \`.speckit/rules/agile-policy.md\`, \`.speckit/rules/tdd-policy.md\`, and \`.speckit/rules/enterprise-safety.md\`.
-Read \`.speckit/context/current.md\` and \`.speckit/context/subagent-handoff.md\` before implementation work, require \`speckit ready <story>\`, confirm acceptance criteria, preserve session handoff, record red-green-refactor evidence, and use only robot-safe graph commands.
+Read \`.speckit/agents/super-agent.md\`, \`.speckit/skills/catalog.md\`, \`.speckit/memory/project-context.md\`, \`.speckit/sessions/active.md\`, \`.speckit/context/current.md\`, and \`.speckit/context/subagent-handoff.md\` before implementation work. Select the smallest matching Speckit skill. Require \`speckit ready <story>\`, confirm acceptance criteria, preserve session handoff, checkpoint red-green-refactor boundaries, compact before handoff, and use only robot-safe graph commands.
 `),
     };
 }

package/dist/cli.js

@@ -5,6 +5,12 @@ import { shapeCommand } from "./commands/shape.js";
 import { contextCommand } from "./commands/context.js";
 import { quickCommand } from "./commands/quick.js";
 import { planCommand } from "./commands/plan.js";
+import { memoryCommand } from "./commands/memory.js";
+import { permissionsCommand } from "./commands/permissions.js";
+import { sessionCommand } from "./commands/session.js";
+import { sprintCommand } from "./commands/sprint.js";
+import { graphCommand } from "./commands/graph.js";
+import { validateCommand } from "./commands/validate.js";
 import { triageCommand } from "./commands/triage.js";
 import { nextCommand } from "./commands/next.js";
 import { syncCommand } from "./commands/sync.js";
@@ -35,6 +41,29 @@ export async function main(argv = process.argv.slice(2), root = process.cwd()) {
                 return quickCommand({ root, intent: requiredIntent(parsed) });
             case "plan":
                 return planCommand({ root, intent: requiredIntent(parsed) });
+            case "memory":
+                return memoryCommand({ root, action: requiredAction(parsed) });
+            case "permissions":
+                return permissionsCommand({
+                    action: requiredAction(parsed),
+                    path: value(parsed, "path"),
+                    command: value(parsed, "command"),
+                    json: has(parsed, "json"),
+                });
+            case "session":
+                return sessionCommand({
+                    root,
+                    action: requiredAction(parsed),
+                    target: parsed.args.slice(1).join(" ").trim() || undefined,
+                    note: value(parsed, "note"),
+                    json: has(parsed, "json"),
+                });
+            case "sprint":
+                return sprintCommand({ root, action: requiredAction(parsed), json: has(parsed, "json") });
+            case "graph":
+                return graphCommand({ root, action: requiredAction(parsed), json: has(parsed, "json") });
+            case "validate":
+                return validateCommand({ root, json: has(parsed, "json") });
             case "triage":
                 return triageCommand({ root, json: has(parsed, "json") });
             case "next":
@@ -92,6 +121,12 @@ function requiredIntent(parsed) {
         throw new Error(`Command "${parsed.command}" requires a target or intent.`);
     return intent;
 }
+function requiredAction(parsed) {
+    const action = parsed.args[0]?.trim();
+    if (!action)
+        throw new Error(`Command "${parsed.command}" requires an action.`);
+    return action;
+}
 function value(parsed, name) {
     const found = parsed.flags.get(name);
     return typeof found === "string" ? found : undefined;
@@ -111,6 +146,12 @@ Usage:
   speckit context <story-path-or-id>
   speckit quick "<intent>"
   speckit plan "<intent>"
+  speckit memory refresh
+  speckit permissions audit [--path <path>] [--command <command>] [--json]
+  speckit session start|checkpoint|compact|resume|status [target] [--note "..."] [--json]
+  speckit sprint plan|next [--json]
+  speckit graph triage|plan|insights [--json]
+  speckit validate [--json]
   speckit triage [--json]
   speckit next
   speckit sync

package/dist/commands/doctor.js

@@ -4,11 +4,14 @@ import { getAdapters } from "../config/adapter-registry.js";
 import { checkTools } from "../adapters/tool-checks.js";
 import { detectTestCommands } from "../core/test-detection.js";
 import { coreFiles, enterpriseFiles } from "../core/scaffold.js";
+import { agentFiles } from "../core/agent-scaffold.js";
+import { validateWorkflowContract } from "../core/workflow-validator.js";
 export async function doctorCommand(options) {
     const stdout = options.stdout ?? console;
     const tools = checkTools();
     const tests = await detectTestCommands(options.root);
     const deepChecks = options.deep ? await runDeepChecks(options.root) : [];
+    const contractChecks = options.deep ? await validateWorkflowContract(options.root) : [];
     const adapters = await Promise.all(getAdapters("all").map(async (adapter) => ({
         name: adapter.name,
         ...(await adapterStatus(options.root, adapter.outputPaths)),
@@ -18,8 +21,9 @@ export async function doctorCommand(options) {
         tools,
         tests,
         deepChecks,
+        contractChecks,
         adapters,
-        status: statusFor(tools, deepChecks),
+        status: statusFor(tools, deepChecks, contractChecks),
     };
     if (options.json) {
         stdout.log(JSON.stringify(report, null, 2));
@@ -32,6 +36,9 @@ export async function doctorCommand(options) {
         for (const check of deepChecks) {
             stdout.log(`Deep ${check.name}: ${check.ok ? "ok" : "missing"}`);
         }
+        for (const check of contractChecks) {
+            stdout.log(`Contract ${check.name}: ${check.ok ? "ok" : check.detail}`);
+        }
         for (const adapter of adapters) {
             stdout.log(`Adapter ${adapter.name}: ${adapter.present}/${adapter.total} files present`);
         }
@@ -39,7 +46,7 @@ export async function doctorCommand(options) {
     return report.status === "ok" ? 0 : 1;
 }
 async function runDeepChecks(root) {
-    const requiredFiles = [...coreFiles(), ...enterpriseFiles()];
+    const requiredFiles = [...coreFiles(), ...enterpriseFiles(), ...agentFiles()];
     return Promise.all(requiredFiles.map(async (file) => ({
         name: file.path,
         path: file.path,
@@ -55,10 +62,11 @@ async function fileExists(root, path) {
         return false;
     }
 }
-function statusFor(tools, deepChecks) {
+function statusFor(tools, deepChecks, contractChecks) {
     const requiredToolsMissing = tools.some((tool) => tool.required && !tool.available);
     const deepChecksMissing = deepChecks.some((check) => !check.ok);
-    return requiredToolsMissing || deepChecksMissing ? "needs-attention" : "ok";
+    const contractChecksFailed = contractChecks.some((check) => !check.ok);
+    return requiredToolsMissing || deepChecksMissing || contractChecksFailed ? "needs-attention" : "ok";
 }
 async function adapterStatus(root, paths) {
     const missing = [];

package/dist/commands/graph.d.ts

@@ -0,0 +1,7 @@
+export type GraphOptions = {
+    root: string;
+    action: string;
+    json?: boolean;
+    stdout?: Pick<typeof console, "log" | "error">;
+};
+export declare function graphCommand(options: GraphOptions): Promise<number>;

package/dist/commands/graph.js

@@ -0,0 +1,51 @@
+import { spawnSync } from "node:child_process";
+import { commandExists } from "../adapters/tool-checks.js";
+import { prepareBeadsMirror } from "../core/beads-mirror.js";
+import { readSyncedStories, selectableStories } from "../core/synced-stories.js";
+const robotActions = new Map([
+    ["triage", "--robot-triage"],
+    ["plan", "--robot-plan"],
+    ["insights", "--robot-insights"],
+]);
+export async function graphCommand(options) {
+    const stdout = options.stdout ?? console;
+    const robotFlag = robotActions.get(options.action);
+    if (!robotFlag) {
+        stdout.error("Usage: speckit graph triage|plan|insights [--json]");
+        return 1;
+    }
+    if (commandExists("bv")) {
+        await prepareBeadsMirror(options.root);
+        const result = spawnSync("bv", [robotFlag, "--format", options.json ? "json" : "toon"], {
+            encoding: "utf8",
+            cwd: options.root,
+        });
+        if ((result.status ?? 1) === 0) {
+            if (result.stdout)
+                stdout.log(result.stdout.trim());
+            if (result.stderr)
+                stdout.error(result.stderr.trim());
+            return 0;
+        }
+    }
+    const fallback = await localGraphFallback(options.root, options.action);
+    stdout.log(JSON.stringify(fallback, null, 2));
+    return 0;
+}
+async function localGraphFallback(root, action) {
+    const stories = await readSyncedStories(root);
+    const selectable = selectableStories(stories);
+    return {
+        source: ".speckit/sync/beads-sync.jsonl",
+        provider: "speckit-local-fallback",
+        action,
+        status: "bv-unavailable-or-failed",
+        quick_ref: {
+            total: stories.length,
+            selectable: selectable.length,
+            top_pick: selectable[0] ?? null,
+        },
+        recommendations: selectable.slice(0, 3),
+        command: "Install Beads Viewer for graph metrics: bv --robot-triage --format json",
+    };
+}

package/dist/commands/init.js

@@ -1,10 +1,12 @@
 import { coreFiles, enterpriseFiles } from "../core/scaffold.js";
+import { agentFiles } from "../core/agent-scaffold.js";
 import { writeManagedFiles } from "../core/managed-files.js";
 import { getAdapters } from "../config/adapter-registry.js";
 export async function initCommand(options) {
     const stdout = options.stdout ?? console;
     const selectedIde = options.ide ?? "all";
-    const baseFiles = options.enterprise ? [...coreFiles(), ...enterpriseFiles()] : coreFiles();
+    const sharedFiles = [...coreFiles(), ...agentFiles()];
+    const baseFiles = options.enterprise ? [...sharedFiles, ...enterpriseFiles()] : sharedFiles;
     const adapterFiles = getAdapters(selectedIde).flatMap((adapter) => adapter.render());
     const results = await writeManagedFiles(options.root, [...baseFiles, ...adapterFiles], options.force ?? false);
     const created = results.filter((result) => result.status === "created").length;

package/dist/commands/memory.d.ts

@@ -0,0 +1,6 @@
+export type MemoryOptions = {
+    root: string;
+    action: string;
+    stdout?: Pick<typeof console, "log" | "error">;
+};
+export declare function memoryCommand(options: MemoryOptions): Promise<number>;

package/dist/commands/memory.js

@@ -0,0 +1,11 @@
+import { refreshMemory } from "../core/memory.js";
+export async function memoryCommand(options) {
+    const stdout = options.stdout ?? console;
+    if (options.action !== "refresh") {
+        stdout.error("Usage: speckit memory refresh");
+        return 1;
+    }
+    const files = await refreshMemory(options.root);
+    stdout.log(`Refreshed Speckit memory: ${files.join(", ")}`);
+    return 0;
+}

package/dist/commands/permissions.d.ts

@@ -0,0 +1,8 @@
+export type PermissionsOptions = {
+    action: string;
+    path?: string;
+    command?: string;
+    json?: boolean;
+    stdout?: Pick<typeof console, "log" | "error">;
+};
+export declare function permissionsCommand(options: PermissionsOptions): Promise<number>;

package/dist/commands/permissions.js

@@ -0,0 +1,18 @@
+import { auditPermission } from "../core/permission-auditor.js";
+export async function permissionsCommand(options) {
+    const stdout = options.stdout ?? console;
+    if (options.action !== "audit") {
+        stdout.error?.(`Unknown permissions action: ${options.action}`);
+        return 1;
+    }
+    const result = auditPermission({ path: options.path, command: options.command });
+    if (options.json) {
+        stdout.log(JSON.stringify(result, null, 2));
+    }
+    else {
+        stdout.log(`Speckit permission audit: ${result.status}`);
+        for (const reason of result.reasons)
+            stdout.log(`- ${reason}`);
+    }
+    return result.status === "deny" ? 1 : 0;
+}

package/dist/commands/session.d.ts

@@ -0,0 +1,9 @@
+export type SessionOptions = {
+    root: string;
+    action: string;
+    target?: string;
+    note?: string;
+    json?: boolean;
+    stdout?: Pick<typeof console, "log" | "error">;
+};
+export declare function sessionCommand(options: SessionOptions): Promise<number>;

package/dist/commands/session.js

@@ -0,0 +1,49 @@
+import { checkpointSession, compactSession, ensureSession, resumeSession, sessionStatus, } from "../core/session-manager.js";
+export async function sessionCommand(options) {
+    const stdout = options.stdout ?? console;
+    switch (options.action) {
+        case "start": {
+            const session = await ensureSession(options.root, options.note ?? options.target ?? "long session");
+            stdout.log(session.id);
+            stdout.log(`${session.dir}/handoff.md`);
+            return 0;
+        }
+        case "checkpoint": {
+            const session = await checkpointSession({
+                root: options.root,
+                note: options.note ?? options.target,
+                story: options.target,
+            });
+            stdout.log(`Checkpointed ${session.id}`);
+            return 0;
+        }
+        case "compact": {
+            const session = await compactSession(options.root);
+            stdout.log(`${session.dir}/summary.md`);
+            return 0;
+        }
+        case "resume": {
+            const session = await resumeSession(options.root, options.target);
+            if (!session) {
+                stdout.error("No Speckit session to resume.");
+                return 1;
+            }
+            stdout.log(session.id);
+            stdout.log(`${session.dir}/handoff.md`);
+            return 0;
+        }
+        case "status": {
+            const status = await sessionStatus(options.root);
+            stdout.log(options.json ? JSON.stringify(status, null, 2) : renderStatus(status));
+            return status.status === "missing" ? 1 : 0;
+        }
+        default:
+            stdout.error("Usage: speckit session start|checkpoint|compact|resume|status");
+            return 1;
+    }
+}
+function renderStatus(status) {
+    if (status.status === "missing")
+        return "Spec session: missing";
+    return `Spec session: ${status.id}\nState: ${status.state}\nSummary: ${status.summary}\nHandoff: ${status.handoff}`;
+}

package/dist/commands/sprint.d.ts

@@ -0,0 +1,7 @@
+export type SprintOptions = {
+    root: string;
+    action: string;
+    json?: boolean;
+    stdout?: Pick<typeof console, "log" | "error">;
+};
+export declare function sprintCommand(options: SprintOptions): Promise<number>;