@uzysjung/agent-harness 26.83.0

package/dist/trust-tier-drift.js

@@ -0,0 +1,67 @@
+#!/usr/bin/env node
+import {
+  CATEGORIES,
+  EXTERNAL_ASSETS,
+  TRUST_TIER,
+  init_esm_shims
+} from "./chunk-SDVAM5JZ.js";
+
+// src/trust-tier-drift.ts
+init_esm_shims();
+var STAR_THRESHOLD = 1e3;
+var REPO_OVERRIDE = {
+  "vercel-cli": "vercel/vercel",
+  // npm
+  "netlify-cli": "netlify/cli",
+  // npm
+  "supabase-cli": "supabase/cli",
+  // npm
+  "agent-browser": "vercel-labs/agent-browser",
+  // npm
+  "gsd-orchestrator": "gsd-build/get-shit-done",
+  // npx-run
+  openspec: "Fission-AI/OpenSpec",
+  // npm (v26.75.0)
+  "bmad-method": "bmad-code-org/BMAD-METHOD"
+  // npx-run (v26.75.0)
+};
+function normalizeRepo(source) {
+  const stripped = source.replace(/^https?:\/\/github\.com\//i, "");
+  const m = stripped.match(/^([^/\s]+\/[^/\s]+)/);
+  return m?.[1] ?? null;
+}
+function repoForAsset(asset) {
+  const override = REPO_OVERRIDE[asset.id];
+  if (override) return override;
+  const m = asset.method;
+  if (m.kind === "skill") return normalizeRepo(m.source);
+  if (m.kind === "plugin") return normalizeRepo(m.marketplace);
+  return null;
+}
+function driftTargets(assets = EXTERNAL_ASSETS) {
+  const out = [];
+  for (const a of assets) {
+    const tier = TRUST_TIER[a.id];
+    if (tier !== "vetted" && tier !== "experimental") continue;
+    const repo = repoForAsset(a);
+    if (!repo) continue;
+    out.push({ id: a.id, tier, repo });
+  }
+  return out;
+}
+function classifyDrift(tier, stars) {
+  if (tier === "vetted" && stars < STAR_THRESHOLD) return "demote";
+  if (tier === "experimental" && stars >= STAR_THRESHOLD) return "promote";
+  return "ok";
+}
+export {
+  CATEGORIES,
+  EXTERNAL_ASSETS,
+  STAR_THRESHOLD,
+  TRUST_TIER,
+  classifyDrift,
+  driftTargets,
+  normalizeRepo,
+  repoForAsset
+};
+//# sourceMappingURL=trust-tier-drift.js.map

package/dist/trust-tier-drift.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/trust-tier-drift.ts"],"sourcesContent":["/**\n * A1 — Trust Tier star-drift 검출 데이터 + 순수 로직.\n *\n * TRUST_TIER 의 star 기반 라벨(vetted ≥ 1000★ / experimental < 1000★)이 실제 GitHub\n * star 와 어긋났는지(drift) 판정한다. `official` 은 star 무관(Anthropic 공식·하네스 자체)\n * 이라 검사 제외.\n *\n * repo 출처 = 각 자산 method (in-code authoritative — 주석이 아니라 실제 설치 source):\n *   skill  → method.source     (\"owner/repo\" 또는 github URL)\n *   plugin → method.marketplace (\"owner/repo\")\n *   npm    → NPM_REPO_OVERRIDE[id] (pkg 는 npm 명이므로 GitHub repo 를 별도 명시)\n *\n * fetch/네트워크는 본 모듈에 없음 — 순수 로직만(테스트 가능). 실 fetch 는\n * `scripts/trust-tier-drift.mjs` 가 담당.\n */\nimport { EXTERNAL_ASSETS, type ExternalAsset, TRUST_TIER } from \"./external-assets.js\";\n\n// v26.79.0 — gen-compatibility 의 카테고리 exhaustiveness 가드용 SSOT (하드코딩 drift 차단).\nexport { CATEGORIES } from \"./categories.js\";\n// v26.76.0 — gen-compatibility.mjs 가 dist 에서 자산 카탈로그+tier 를 읽도록 re-export.\nexport { EXTERNAL_ASSETS, TRUST_TIER } from \"./external-assets.js\";\n\n/** vetted 경계 (NORTH_STAR / PRD v26-71 D2). */\nexport const STAR_THRESHOLD = 1000;\n\nexport type StarTier = \"vetted\" | \"experimental\";\nexport type DriftVerdict = \"ok\" | \"promote\" | \"demote\";\n\n/**\n * method 가 GitHub repo 를 안 담는 자산(npm.pkg / npx-run.cmd 는 npm 명) → 트러스트 근거가\n * 된 GitHub repo 를 명시 매핑. override 가 method 도출보다 우선.\n */\nconst REPO_OVERRIDE: Record<string, string> = {\n  \"vercel-cli\": \"vercel/vercel\", // npm\n  \"netlify-cli\": \"netlify/cli\", // npm\n  \"supabase-cli\": \"supabase/cli\", // npm\n  \"agent-browser\": \"vercel-labs/agent-browser\", // npm\n  \"gsd-orchestrator\": \"gsd-build/get-shit-done\", // npx-run\n  openspec: \"Fission-AI/OpenSpec\", // npm (v26.75.0)\n  \"bmad-method\": \"bmad-code-org/BMAD-METHOD\", // npx-run (v26.75.0)\n};\n\n/** \"https://github.com/owner/repo\" 또는 \"owner/repo[/...]\" → \"owner/repo\". 실패 시 null. */\nexport function normalizeRepo(source: string): string | null {\n  const stripped = source.replace(/^https?:\\/\\/github\\.com\\//i, \"\");\n  const m = stripped.match(/^([^/\\s]+\\/[^/\\s]+)/);\n  return m?.[1] ?? null;\n}\n\n/** 자산의 GitHub owner/repo 도출. override 우선 → skill/plugin method. 도출 불가 시 null. */\nexport function repoForAsset(asset: ExternalAsset): string | null {\n  const override = REPO_OVERRIDE[asset.id];\n  if (override) return override;\n  const m = asset.method;\n  if (m.kind === \"skill\") return normalizeRepo(m.source);\n  if (m.kind === \"plugin\") return normalizeRepo(m.marketplace);\n  return null;\n}\n\nexport interface DriftTarget {\n  id: string;\n  tier: StarTier;\n  repo: string;\n}\n\n/** star 기반(vetted/experimental) 자산만 + repo 도출 가능한 것만 검사 대상. */\nexport function driftTargets(\n  assets: ReadonlyArray<ExternalAsset> = EXTERNAL_ASSETS,\n): DriftTarget[] {\n  const out: DriftTarget[] = [];\n  for (const a of assets) {\n    const tier = TRUST_TIER[a.id];\n    if (tier !== \"vetted\" && tier !== \"experimental\") continue;\n    const repo = repoForAsset(a);\n    if (!repo) continue; // 도출 불가 — 테스트가 0건을 강제하므로 정상 경로에선 발생 안 함\n    out.push({ id: a.id, tier, repo });\n  }\n  return out;\n}\n\n/** 정적 tier 가 실제 star 와 어긋났는지 판정. */\nexport function classifyDrift(tier: StarTier, stars: number): DriftVerdict {\n  if (tier === \"vetted\" && stars < STAR_THRESHOLD) return \"demote\";\n  if (tier === \"experimental\" && stars >= STAR_THRESHOLD) return \"promote\";\n  return \"ok\";\n}\n"],"mappings":";;;;;;;;;AAAA;AAuBO,IAAM,iBAAiB;AAS9B,IAAM,gBAAwC;AAAA,EAC5C,cAAc;AAAA;AAAA,EACd,eAAe;AAAA;AAAA,EACf,gBAAgB;AAAA;AAAA,EAChB,iBAAiB;AAAA;AAAA,EACjB,oBAAoB;AAAA;AAAA,EACpB,UAAU;AAAA;AAAA,EACV,eAAe;AAAA;AACjB;AAGO,SAAS,cAAc,QAA+B;AAC3D,QAAM,WAAW,OAAO,QAAQ,8BAA8B,EAAE;AAChE,QAAM,IAAI,SAAS,MAAM,qBAAqB;AAC9C,SAAO,IAAI,CAAC,KAAK;AACnB;AAGO,SAAS,aAAa,OAAqC;AAChE,QAAM,WAAW,cAAc,MAAM,EAAE;AACvC,MAAI,SAAU,QAAO;AACrB,QAAM,IAAI,MAAM;AAChB,MAAI,EAAE,SAAS,QAAS,QAAO,cAAc,EAAE,MAAM;AACrD,MAAI,EAAE,SAAS,SAAU,QAAO,cAAc,EAAE,WAAW;AAC3D,SAAO;AACT;AASO,SAAS,aACd,SAAuC,iBACxB;AACf,QAAM,MAAqB,CAAC;AAC5B,aAAW,KAAK,QAAQ;AACtB,UAAM,OAAO,WAAW,EAAE,EAAE;AAC5B,QAAI,SAAS,YAAY,SAAS,eAAgB;AAClD,UAAM,OAAO,aAAa,CAAC;AAC3B,QAAI,CAAC,KAAM;AACX,QAAI,KAAK,EAAE,IAAI,EAAE,IAAI,MAAM,KAAK,CAAC;AAAA,EACnC;AACA,SAAO;AACT;AAGO,SAAS,cAAc,MAAgB,OAA6B;AACzE,MAAI,SAAS,YAAY,QAAQ,eAAgB,QAAO;AACxD,MAAI,SAAS,kBAAkB,SAAS,eAAgB,QAAO;AAC/D,SAAO;AACT;","names":[]}

package/package.json

@@ -0,0 +1,53 @@
+{
+  "name": "@uzysjung/agent-harness",
+  "version": "26.83.0",
+  "description": "One-command installer & curator of vetted, Docker-verified AI-coding workflows across Claude Code, Codex, OpenCode & Antigravity",
+  "type": "module",
+  "publishConfig": {
+    "access": "public"
+  },
+  "engines": {
+    "node": ">=20.0.0"
+  },
+  "bin": {
+    "agent-harness": "./dist/index.js"
+  },
+  "files": [
+    "dist",
+    "templates",
+    "scripts/prune-ecc.sh",
+    "README.md",
+    "LICENSE"
+  ],
+  "scripts": {
+    "build": "tsup",
+    "dev": "tsup --watch",
+    "gen:compat": "npm run build && node scripts/gen-compatibility.mjs",
+    "test": "vitest run",
+    "test:watch": "vitest",
+    "test:coverage": "vitest run --coverage",
+    "typecheck": "tsc --noEmit",
+    "lint": "biome check src tests",
+    "lint:fix": "biome check --write src tests",
+    "format": "biome format --write src tests",
+    "ci": "npm run typecheck && npm run lint && npm run test:coverage && npm run build",
+    "prepare": "[ -d dist ] || npm run build"
+  },
+  "dependencies": {
+    "@clack/prompts": "^1.3.0",
+    "cac": "^7.0.0"
+  },
+  "devDependencies": {
+    "@biomejs/biome": "^2.4.13",
+    "@types/node": "^25.6.0",
+    "@vitest/coverage-v8": "^2.1.0",
+    "tsup": "^8.3.0",
+    "typescript": "^5.6.0",
+    "vitest": "^2.1.0"
+  },
+  "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/uzysjung/uzys-agent-harness.git"
+  }
+}

package/scripts/prune-ecc.sh

@@ -0,0 +1,310 @@
+#!/bin/bash
+# ============================================================
+# prune-ecc.sh
+# ECC plugin을 project local로 복사하고 KEEP 외 항목을 prune.
+# 글로벌 ~/.claude/는 read-only로만 사용 (D16 안전).
+#
+# 사용:
+#   1. (선행 1회) claude plugin install everything-claude-code@everything-claude-code
+#   2. bash prune-ecc.sh                # dry-run (기본). 변경 없음.
+#   3. bash prune-ecc.sh --apply        # 실제 복사 + prune (확인 prompt)
+#   4. bash prune-ecc.sh --apply --force # 확인 없이 즉시 진행
+#   5. claude --plugin-dir .claude/local-plugins/ecc  # 사용
+#
+# 옵션:
+#   --apply           실제 복사 + prune. 기본은 dry-run.
+#   --force           확인 prompt 생략.
+#   --dest <path>     복사 대상 경로 (기본: .claude/local-plugins/ecc)
+#   --keep-existing   dest가 이미 있으면 덮어쓰기 안 함 (기본은 재복사)
+#   --copy-only       prune 단계 skip. 전체 ECC를 project local로 복사만.
+#
+# 안전성:
+#   - 글로벌 ~/.claude/plugins/cache/ : read-only (cp 소스로만 사용)
+#   - dest 위치 (.claude/local-plugins/ecc) : .gitignore 자동 추가
+#   - 다른 프로젝트 영향 없음 (이 프로젝트 local만)
+# ============================================================
+set -u
+
+RED='\033[0;31m'; GREEN='\033[0;32m'; YELLOW='\033[1;33m'; CYAN='\033[0;36m'; BOLD='\033[1m'; NC='\033[0m'
+
+# --- Args ---
+APPLY=false
+FORCE=false
+KEEP_EXISTING=false
+COPY_ONLY=false
+DEST=".claude/local-plugins/ecc"
+while [ $# -gt 0 ]; do
+  case "$1" in
+    --apply) APPLY=true; shift ;;
+    --force) FORCE=true; shift ;;
+    --keep-existing) KEEP_EXISTING=true; shift ;;
+    --copy-only) COPY_ONLY=true; shift ;;
+    --dest)
+      [ -z "${2:-}" ] || [[ "$2" == --* ]] && { echo "ERROR: --dest requires a value" >&2; exit 1; }
+      DEST="$2"; shift 2 ;;
+    -h|--help) sed -n '2,24p' "$0"; exit 0 ;;
+    *) echo "Unknown arg: $1" >&2; exit 1 ;;
+  esac
+done
+
+# v26.11.1 — DEST 경계 검증: 글로벌 ~/.claude/ 또는 시스템 경로 차단 (path traversal 방어)
+# v0.6.6 — dirname 디렉토리 미존재 시 pwd 기준으로 fallback (이전엔 상대경로 그대로 잔존 → pwd 검증 실패)
+DEST_PARENT="$(cd "$(dirname "$DEST")" 2>/dev/null && pwd)" || DEST_PARENT=""
+if [ -n "$DEST_PARENT" ]; then
+  DEST_ABS="$DEST_PARENT/$(basename "$DEST")"
+elif [[ "$DEST" = /* ]]; then
+  DEST_ABS="$DEST"
+else
+  DEST_ABS="$(pwd)/$DEST"
+fi
+case "$DEST_ABS" in
+  "$HOME/.claude"|"$HOME/.claude/"*)
+    echo "ERROR: --dest는 글로벌 ~/.claude/ 영역 불가 (D16)" >&2
+    echo "       입력: $DEST (절대: $DEST_ABS)" >&2
+    exit 1 ;;
+  "/"|"/etc"|"/etc/"*|"/usr/bin"|"/usr/sbin"|"/usr/local/bin"|"/bin"|"/sbin"|"/System"|"/System/"*)
+    echo "ERROR: --dest는 시스템 디렉토리 불가" >&2
+    echo "       입력: $DEST (절대: $DEST_ABS)" >&2
+    exit 1 ;;
+esac
+# 추가 안전: 현재 pwd 하위만 허용 (project-local 보장)
+case "$DEST_ABS" in
+  "$(pwd)"|"$(pwd)/"*) ;;
+  *)
+    echo "ERROR: --dest는 현재 프로젝트 디렉토리 하위만 허용" >&2
+    echo "       입력: $DEST (절대: $DEST_ABS)" >&2
+    echo "       현재 pwd: $(pwd)" >&2
+    exit 1 ;;
+esac
+
+info() { echo -e "  ${GREEN}✓${NC} $1"; }
+warn() { echo -e "  ${YELLOW}!${NC} $1"; }
+fail() { echo -e "  ${RED}✗${NC} $1" >&2; }
+section() { echo ""; echo -e "${CYAN}${BOLD}$1${NC}"; }
+
+# --- KEEP list (총 98건, v26.58.0 +6) ---
+# v26.58.0 (ADR-019): cherrypicks.lock 의 C2 6개 KEEP 추가 (plugin ON 시 prune 으로 사라지는 구멍 차단):
+#   security-reviewer, silent-failure-hunter, build-error-resolver,
+#   e2e-testing, agent-introspection-debugging, nextjs-turbopack.
+# 직전 baseline 92건 (이전 코멘트 "89건" 은 오기 — 실제 단어 count 검증 시 92).
+KEEP_ITEMS="
+agent-harness-construction agent-introspection-debugging agentic-engineering
+ai-first-engineering api-design aside autonomous-loops backend-patterns
+blueprint build-error-resolver build-fix checkpoint claude-api claw
+code-review code-reviewer coding-standards configure-ecc content-engine
+content-hash-cache-pattern continuous-agent-loop continuous-learning continuous-learning-v2
+cost-aware-llm-pipeline crosspost database-migrations database-reviewer deep-research
+deployment-patterns dmux-workflows docker-patterns e2e e2e-runner e2e-testing
+eval eval-harness evolve exa-search frontend-patterns frontend-slides
+harness-audit harness-optimizer instinct-export instinct-import instinct-status
+investor-materials investor-outreach iterative-retrieval learn learn-eval
+loop-operator loop-start loop-status market-research model-route multi-backend
+multi-execute multi-frontend multi-plan multi-workflow nextjs-turbopack orchestrate
+plan plankton-code-quality planner postgres-patterns projects promote
+prompt-optimize prompt-optimizer python-patterns python-review python-reviewer
+python-testing quality-gate refactor-clean regex-vs-llm-structured-text
+resume-session save-session search-first security-review security-reviewer
+security-scan sessions setup-pm silent-failure-hunter skill-create skill-stocktake
+strategic-compact tdd tdd-guide tdd-workflow test-coverage update-codemaps
+update-docs verification-loop verify x-api
+"
+
+is_keep() {
+  # v26.11.1 — grep -F (fixed string)로 정규식 메타문자 안전. 공백으로 단어 경계 강제.
+  echo " $KEEP_ITEMS " | tr -s ' \n' ' ' | grep -qF " $1 "
+}
+
+# --- Step 1: 글로벌 ECC cache 발견 ---
+section "[1/5] Discover global ECC plugin cache (read-only)"
+ECC_CACHE_BASE="$HOME/.claude/plugins/cache/everything-claude-code/everything-claude-code"
+if [ ! -d "$ECC_CACHE_BASE" ]; then
+  fail "ECC plugin 미설치 — 다음 명령으로 먼저 설치:"
+  echo "    claude plugin marketplace add affaan-m/everything-claude-code"
+  echo "    claude plugin install everything-claude-code@everything-claude-code"
+  exit 1
+fi
+ECC_VERSION=$(ls -1 "$ECC_CACHE_BASE" 2>/dev/null | sort -V | tail -1)
+# ECC v1.10.0 구조: 1.10.0/ 자체가 root (skills/, agents/, commands/ top-level).
+# everything-claude-code/ 는 빈 디렉토리, ecc2/는 별개 Rust 프로젝트.
+ECC_SOURCE="$ECC_CACHE_BASE/$ECC_VERSION"
+if [ ! -d "$ECC_SOURCE/skills" ] || [ ! -d "$ECC_SOURCE/agents" ]; then
+  fail "ECC plugin source 디렉토리 미발견 (skills/ + agents/): $ECC_SOURCE"
+  exit 1
+fi
+info "Source: $ECC_SOURCE (v$ECC_VERSION)"
+
+# --- Step 2: 복사 (또는 기존 사용) ---
+section "[2/5] Copy to project local"
+if [ -d "$DEST" ] && [ "$KEEP_EXISTING" = true ]; then
+  info "기존 $DEST 유지 (--keep-existing)"
+elif [ "$APPLY" = false ]; then
+  warn "[DRY-RUN] would copy: $ECC_SOURCE → $DEST"
+else
+  if [ -d "$DEST" ]; then
+    warn "기존 $DEST 제거 후 재복사"
+    rm -rf "$DEST"
+  fi
+  mkdir -p "$(dirname "$DEST")"
+  cp -R "$ECC_SOURCE" "$DEST"
+  info "Copied to: $DEST"
+fi
+
+# --- Step 3: prune 분석 ---
+section "[3/5] Prune analysis"
+SCAN_DIR="$DEST"
+[ ! -d "$SCAN_DIR" ] && SCAN_DIR="$ECC_SOURCE"  # dry-run 시 source로 분석
+
+declare -a PRUNE_TARGETS=()
+KEEP_COUNT=0
+PRUNE_COUNT=0
+
+analyze_dir() {
+  local kind="$1" dir="$2"
+  [ ! -d "$dir" ] && return
+  local kept=0 pruned=0
+  if [ "$kind" = "directory" ]; then
+    for d in "$dir"/*/; do
+      [ -d "$d" ] || continue
+      local name; name=$(basename "$d")
+      if is_keep "$name"; then
+        kept=$((kept+1))
+      else
+        PRUNE_TARGETS+=("$d")
+        pruned=$((pruned+1))
+      fi
+    done
+  else
+    for f in "$dir"/*.md; do
+      [ -f "$f" ] || continue
+      local name; name=$(basename "$f" .md)
+      if is_keep "$name"; then
+        kept=$((kept+1))
+      else
+        PRUNE_TARGETS+=("$f")
+        pruned=$((pruned+1))
+      fi
+    done
+  fi
+  KEEP_COUNT=$((KEEP_COUNT+kept))
+  PRUNE_COUNT=$((PRUNE_COUNT+pruned))
+  printf "  %-50s keep=%3d  prune=%3d\n" "${dir#$SCAN_DIR/}" "$kept" "$pruned"
+}
+
+analyze_dir "directory" "$SCAN_DIR/skills"
+analyze_dir "file"      "$SCAN_DIR/agents"
+analyze_dir "file"      "$SCAN_DIR/commands"
+[ -d "$SCAN_DIR/.opencode/commands" ] && analyze_dir "file" "$SCAN_DIR/.opencode/commands"
+[ -d "$SCAN_DIR/.claude/commands" ]   && analyze_dir "file" "$SCAN_DIR/.claude/commands"
+
+echo ""
+echo -e "  ${BOLD}Total keep: ${GREEN}$KEEP_COUNT${NC}${BOLD}  prune: ${RED}$PRUNE_COUNT${NC}"
+
+# KEEP 누락 검증
+section "KEEP missing check (사용자 리스트 중 plugin에 없는 것)"
+NOT_FOUND=()
+for k in $KEEP_ITEMS; do
+  if ! find "$SCAN_DIR/skills" "$SCAN_DIR/agents" "$SCAN_DIR/commands" \
+         "$SCAN_DIR/.opencode/commands" "$SCAN_DIR/.claude/commands" \
+         -maxdepth 1 \( -type d -name "$k" -o -type f -name "$k.md" \) 2>/dev/null \
+         | grep -q .; then
+    NOT_FOUND+=("$k")
+  fi
+done
+if [ "${#NOT_FOUND[@]}" -eq 0 ]; then
+  # 카운트는 KEEP_ITEMS 에서 동적 산출 (하드코딩 시 89→92→98 처럼 drift 누적).
+  info "모든 KEEP $(echo "$KEEP_ITEMS" | wc -w | tr -d ' ')건 plugin에 존재"
+else
+  warn "KEEP 누락 ${#NOT_FOUND[@]}건 (이름 변경/제거됐을 수 있음):"
+  printf '    - %s\n' "${NOT_FOUND[@]}"
+fi
+
+# --- Step 4: apply ---
+section "[4/5] Apply prune"
+if [ "$APPLY" = false ]; then
+  warn "DRY-RUN — 변경 없음. 실제 복사+prune은 --apply 추가."
+  echo "    bash prune-ecc.sh --apply"
+  exit 0
+fi
+
+# v26.15.0 — --copy-only: prune 단계 skip
+if [ "$COPY_ONLY" = true ]; then
+  info "copy-only 모드 — prune 단계 skip (전체 ECC 유지)"
+  DELETED=0
+  FAILED=0
+else
+  if [ "$FORCE" = false ]; then
+    echo ""
+    echo -e "  ${YELLOW}경고:${NC} ${PRUNE_COUNT}건을 ${DEST} 하위에서 영구 삭제합니다."
+    echo "  글로벌 cache는 영향 없음. 다른 프로젝트도 영향 없음."
+    read -rp "  진행? [y/N]: " ANSWER < /dev/tty 2>/dev/null || ANSWER=""
+    [[ ! "$ANSWER" =~ ^[Yy]$ ]] && { warn "취소됨"; exit 0; }
+  fi
+  DELETED=0
+  FAILED=0
+  for target in "${PRUNE_TARGETS[@]}"; do
+    if rm -rf "$target" 2>/dev/null; then
+      DELETED=$((DELETED+1))
+    else
+      FAILED=$((FAILED+1))
+      fail "삭제 실패: $target"
+    fi
+  done
+fi
+
+# --- Step 5: .gitignore + 사용 안내 ---
+section "[5/5] Post-actions"
+if ! grep -q "^.claude/local-plugins/" .gitignore 2>/dev/null; then
+  echo ".claude/local-plugins/" >> .gitignore
+  info ".gitignore에 .claude/local-plugins/ 추가"
+else
+  info ".gitignore 이미 등록됨"
+fi
+
+# v26.15.0 — DELETED / KEPT 상세 목록 출력
+if [ "$COPY_ONLY" = false ] && [ "$DELETED" -gt 0 ]; then
+  echo ""
+  echo -e "${BOLD}========== DELETED ($DELETED) ==========${NC}"
+  for category in skills agents commands; do
+    local_deleted=()
+    for target in "${PRUNE_TARGETS[@]}"; do
+      case "$target" in
+        *"/$category/"*)
+          local_deleted+=("$(basename "$target")") ;;
+      esac
+    done
+    if [ "${#local_deleted[@]}" -gt 0 ]; then
+      echo -e "  ${RED}$category/${NC} (${#local_deleted[@]}):"
+      printf '    - %s\n' "${local_deleted[@]}" | sort
+    fi
+  done
+fi
+
+echo ""
+echo -e "${BOLD}========== KEPT ($KEEP_COUNT) ==========${NC}"
+for category in skills agents commands; do
+  dir="$DEST/$category"
+  [ ! -d "$dir" ] && continue
+  kept_items=()
+  for item in "$dir"/*; do
+    [ -e "$item" ] || continue
+    kept_items+=("$(basename "$item" | sed 's/\.md$//')")
+  done
+  if [ "${#kept_items[@]}" -gt 0 ]; then
+    echo -e "  ${GREEN}$category/${NC} (${#kept_items[@]}):"
+    printf '    - %s\n' "${kept_items[@]}" | sort
+  fi
+done
+
+echo ""
+echo -e "${BOLD}========== Summary ==========${NC}"
+echo -e "  ${GREEN}Deleted: $DELETED${NC}"
+[ "$FAILED" -gt 0 ] && echo -e "  ${RED}Failed: $FAILED${NC}"
+echo -e "  ${BOLD}Remaining (KEEP): $KEEP_COUNT${NC}"
+echo -e "  ${BOLD}Location: $DEST${NC}"
+echo ""
+echo -e "${BOLD}사용법:${NC}"
+echo "  claude --plugin-dir $DEST"
+echo ""
+echo -e "${BOLD}재실행 필요 시점:${NC}"
+echo "  - ECC plugin 업데이트 후 (claude plugin update)"
+echo "  - 글로벌 cache 갱신 후"

package/templates/CLAUDE.md

@@ -0,0 +1,86 @@
+# Uzys-agent-harness CLAUDE.md
+These rules apply to every task in this project unless explicitly overridden.
+Bias: caution over speed on non-trivial work. Use judgment on trivial tasks.
+
+## Rule 1 — Think Before Coding
+State assumptions explicitly. If uncertain, ask rather than guess.
+Present multiple interpretations when ambiguity exists.
+Push back when a simpler approach exists.
+Stop when confused. Name what's unclear.
+
+## Rule 2 — Simplicity First
+Minimum code that solves the problem. Nothing speculative.
+No features beyond what was asked. No abstractions for single-use code.
+Test: would a senior engineer say this is overcomplicated? If yes, simplify.
+
+## Rule 3 — Surgical Changes
+Touch only what you must. Clean up only your own mess.
+Don't "improve" adjacent code, comments, or formatting.
+Don't refactor what isn't broken. Match existing style.
+
+## Rule 4 — Goal-Driven Execution
+Define success criteria. Loop until verified.
+Don't follow steps. Define success and iterate.
+Strong success criteria let you loop independently.
+
+## Rule 5 — Use the model only for judgment calls
+Use me for: classification, drafting, summarization, extraction.
+Do NOT use me for: routing, retries, deterministic transforms.
+If code can answer, code answers.
+
+## Rule 6 — Token budgets are not advisory
+Per-task: 4,000 tokens. Per-session: 30,000 tokens.
+If approaching budget, summarize and start fresh.
+Surface the breach. Do not silently overrun.
+
+## Rule 7 — Surface conflicts, don't average them
+If two patterns contradict, pick one (more recent / more tested).
+Explain why. Flag the other for cleanup.
+Don't blend conflicting patterns.
+
+## Rule 8 — Read before you write
+Before adding code, read exports, immediate callers, shared utilities.
+"Looks orthogonal" is dangerous. If unsure why code is structured a way, ask.
+
+## Rule 9 — Tests verify intent, not just behavior
+Tests must encode WHY behavior matters, not just WHAT it does.
+A test that can't fail when business logic changes is wrong.
+
+## Rule 10 — Checkpoint after every significant step
+Summarize what was done, what's verified, what's left.
+Don't continue from a state you can't describe back.
+If you lose track, stop and restate.
+
+## Rule 11 — Match the codebase's conventions, even if you disagree
+Conformance > taste inside the codebase.
+If you genuinely think a convention is harmful, surface it. Don't fork silently.
+
+## Rule 12 — Fail loud
+"Completed" is wrong if anything was skipped silently.
+"Tests pass" is wrong if any were skipped.
+Default to surfacing uncertainty, not hiding it.
+
+## Anti-Patterns (Forbidden)
+"feels kind of weak intuitively" / "probably won't be used" → speculation
+"it's an advanced feature, so low value" → assertion with no criteria
+"generally needed" → unverifiable
+"in my experience" → unsourced generalization
+
+## When Requesting Decisions or Confirmation
+Explain in detail, with the surrounding before/after context, so it's easy to understand.
+State the recommended option and the reason for it.
+Explain it in a way that can be understood as UI/UX.
+Explain it in AS-IS / TO-BE form.
+Frame every choice from the user's perspective — the benefit gained vs. the cost incurred — and visualize the trade-off (e.g., a comparison table) instead of leaving it in prose.
+
+## Run Self-Audit on Phase/Task Completion
+Acceptance Criteria met [Pass/Fail per item]
+Confirm DO NOT CHANGE areas were not modified
+Confirm no Non-Goals were violated
+Any changes not traceable to the request
+Open decisions / follow-up work
+
+## Context Management
+autocompact enabled. Consider manual /compact when reaching 50%.
+Re-reference SPEC/PRD at the start of every session (Persistent Anchor).
+On phase transitions, do a structured state handoff. Keep SPEC/PRD/TODO current.

package/templates/agents/build-error-resolver.md

@@ -0,0 +1,114 @@
+---
+name: build-error-resolver
+description: Build and TypeScript error resolution specialist. Use PROACTIVELY when build fails or type errors occur. Fixes build/type errors only with minimal diffs, no architectural edits. Focuses on getting the build green quickly.
+tools: ["Read", "Write", "Edit", "Bash", "Grep", "Glob"]
+model: sonnet
+---
+
+# Build Error Resolver
+
+You are an expert build error resolution specialist. Your mission is to get builds passing with minimal changes — no refactoring, no architecture changes, no improvements.
+
+## Core Responsibilities
+
+1. **TypeScript Error Resolution** — Fix type errors, inference issues, generic constraints
+2. **Build Error Fixing** — Resolve compilation failures, module resolution
+3. **Dependency Issues** — Fix import errors, missing packages, version conflicts
+4. **Configuration Errors** — Resolve tsconfig, webpack, Next.js config issues
+5. **Minimal Diffs** — Make smallest possible changes to fix errors
+6. **No Architecture Changes** — Only fix errors, don't redesign
+
+## Diagnostic Commands
+
+```bash
+npx tsc --noEmit --pretty
+npx tsc --noEmit --pretty --incremental false   # Show all errors
+npm run build
+npx eslint . --ext .ts,.tsx,.js,.jsx
+```
+
+## Workflow
+
+### 1. Collect All Errors
+- Run `npx tsc --noEmit --pretty` to get all type errors
+- Categorize: type inference, missing types, imports, config, dependencies
+- Prioritize: build-blocking first, then type errors, then warnings
+
+### 2. Fix Strategy (MINIMAL CHANGES)
+For each error:
+1. Read the error message carefully — understand expected vs actual
+2. Find the minimal fix (type annotation, null check, import fix)
+3. Verify fix doesn't break other code — rerun tsc
+4. Iterate until build passes
+
+### 3. Common Fixes
+
+| Error | Fix |
+|-------|-----|
+| `implicitly has 'any' type` | Add type annotation |
+| `Object is possibly 'undefined'` | Optional chaining `?.` or null check |
+| `Property does not exist` | Add to interface or use optional `?` |
+| `Cannot find module` | Check tsconfig paths, install package, or fix import path |
+| `Type 'X' not assignable to 'Y'` | Parse/convert type or fix the type |
+| `Generic constraint` | Add `extends { ... }` |
+| `Hook called conditionally` | Move hooks to top level |
+| `'await' outside async` | Add `async` keyword |
+
+## DO and DON'T
+
+**DO:**
+- Add type annotations where missing
+- Add null checks where needed
+- Fix imports/exports
+- Add missing dependencies
+- Update type definitions
+- Fix configuration files
+
+**DON'T:**
+- Refactor unrelated code
+- Change architecture
+- Rename variables (unless causing error)
+- Add new features
+- Change logic flow (unless fixing error)
+- Optimize performance or style
+
+## Priority Levels
+
+| Level | Symptoms | Action |
+|-------|----------|--------|
+| CRITICAL | Build completely broken, no dev server | Fix immediately |
+| HIGH | Single file failing, new code type errors | Fix soon |
+| MEDIUM | Linter warnings, deprecated APIs | Fix when possible |
+
+## Quick Recovery
+
+```bash
+# Nuclear option: clear all caches
+rm -rf .next node_modules/.cache && npm run build
+
+# Reinstall dependencies
+rm -rf node_modules package-lock.json && npm install
+
+# Fix ESLint auto-fixable
+npx eslint . --fix
+```
+
+## Success Metrics
+
+- `npx tsc --noEmit` exits with code 0
+- `npm run build` completes successfully
+- No new errors introduced
+- Minimal lines changed (< 5% of affected file)
+- Tests still passing
+
+## When NOT to Use
+
+- Code needs refactoring → use `refactor-cleaner`
+- Architecture changes needed → use `architect`
+- New features required → use `planner`
+- Tests failing → use `tdd-guide`
+- Security issues → use `security-reviewer`
+
+---
+
+**Remember**: Fix the error, verify the build passes, move on. Speed and precision over perfection.