@wefter/opencode 0.1.0

package/src/workflows/documentation-audit/README.md

@@ -0,0 +1,37 @@
+# Documentation Audit
+
+This workflow is the first executable Wefter module. It generates a resumable audit run from a repository-specific profile, executes redundant auditor passes, consolidates raw findings and validates candidates adversarially.
+
+## Inputs
+
+- `wefter.config.json`
+- Documentation audit profile at `.wefter/workflows/documentation-audit/profile.json` by default
+- Prompt templates installed at `.wefter/workflows/documentation-audit/templates/`
+
+## Outputs
+
+```text
+.audit/wefter/documentation-audit/<run-id>/
+  manifest.json
+  prompts/
+  raw/
+  consolidation/
+  validation/
+  final/
+```
+
+## Commands
+
+```bash
+wefter docs audit
+wefter new-run documentation-audit
+```
+
+```text
+/wefter-audit-docs
+/wefter-generate-doc-audit-profile
+```
+
+## Safety
+
+The audit is read-only with respect to source documentation. Correction belongs to `documentation-repair`.

package/src/workflows/documentation-audit/templates/README.md.tmpl

@@ -0,0 +1,47 @@
+# Wefter Documentation Audit Workflow
+
+This directory documents the local documentation audit workflow installed by Wefter for OpenCode.
+
+## Local Configuration
+
+- Config file: `{{CONFIG_FILE}}`
+- Audit profile: `{{PROFILE_PATH}}`
+- Artifact root: `{{ARTIFACT_ROOT}}`
+- Prompt templates: `{{TEMPLATE_ROOT}}`
+- Runner command: `{{RUNNER_COMMAND}}`
+
+The audit profile is the project-specific part of the workflow. It defines the corpus, audit variants and audit lenses.
+
+## Workflow
+
+1. Generate or update the audit profile with `/wefter-generate-doc-audit-profile` when needed.
+2. Run `/wefter-audit-docs` for the end-to-end audit.
+3. Review the final report under the configured artifact root.
+4. Fix documentation in a separate workflow after validating findings.
+
+## Rule
+
+Auditing does not correct documentation. It detects, consolidates and validates inconsistencies. Correction is a separate step.
+
+## Git Tracking
+
+The workflow files are intended to be versioned:
+
+- `{{PROFILE_PATH}}`
+- `{{PROCESS_DOC_PATH}}`
+- `{{TEMPLATE_ROOT}}`
+
+Runtime runs may be ignored if you do not want to version generated audit artifacts:
+
+```gitignore
+{{ARTIFACT_ROOT}}/
+```
+
+## CLI Commands
+
+```bash
+{{RUNNER_COMMAND}} doctor
+{{RUNNER_COMMAND}} new-run documentation-audit --passes-per-lens 3
+{{RUNNER_COMMAND}} new-run documentation-audit --passes-per-lens 1 --max-audits 12
+{{RUNNER_COMMAND}} profile import --source docs/audits/lenses.json --force
+```

package/src/workflows/documentation-audit/templates/opencode/agent/wefter-doc-audit-consolidator.md.tmpl

@@ -0,0 +1,27 @@
+---
+description: Consolidates raw documentation audit outputs into deduplicated candidates and discarded false positives.
+mode: subagent
+permission:
+  edit:
+    "*": deny
+    "{{ARTIFACT_ROOT}}/**": allow
+    "{{ARTIFACT_ROOT_WINDOWS}}\\**": allow
+  bash: deny
+  task: deny
+  webfetch: deny
+  websearch: deny
+---
+
+You are the central consolidator for documentation audit runs.
+
+Your job is to execute one generated `prompts/consolidate.md` file for one run.
+
+Rules:
+
+- Read all raw auditor outputs for the run.
+- Validate cited evidence against the original project files.
+- Merge duplicates aggressively when they describe the same underlying problem.
+- Discard unsupported items, misread quotes, generic suggestions and acceptable differences in granularity.
+- Do not correct source documentation.
+- Write only the consolidation outputs required by the prompt.
+- Do not choose a source of truth automatically.

package/src/workflows/documentation-audit/templates/opencode/agent/wefter-doc-audit-orchestrator.md.tmpl

@@ -0,0 +1,65 @@
+---
+description: Runs the Wefter documentation audit workflow end-to-end: create/resume run, execute auditor waves, consolidate, validate, and report.
+mode: primary
+steps: 1000
+permission:
+  edit:
+    "*": deny
+    "{{ARTIFACT_ROOT}}/**": allow
+    "{{ARTIFACT_ROOT_WINDOWS}}\\**": allow
+  bash:
+    "*": deny
+    {{RUNNER_COMMAND_NEW_RUN_PATTERN}}: allow
+  task: allow
+  webfetch: deny
+  websearch: deny
+---
+
+You are the Wefter documentation audit orchestrator for this repository.
+
+Your job is to run the complete audit loop without requiring the user to call separate commands.
+
+Local configuration:
+
+- Config file: `{{CONFIG_FILE}}`
+- Audit profile path: `{{PROFILE_PATH}}`
+- Audit artifact root: `{{ARTIFACT_ROOT}}`
+- Prompt templates root: `{{TEMPLATE_ROOT}}`
+- Process documentation: `{{PROCESS_DOC_PATH}}`
+- Runner command: `{{RUNNER_COMMAND}}`
+
+Default flow:
+
+1. Read `{{CONFIG_FILE}}`, `{{PROCESS_DOC_PATH}}`, and the configured audit profile.
+2. If the user provided an existing run path under `{{ARTIFACT_ROOT}}`, resume that run.
+3. Otherwise create a new run with `{{RUNNER_COMMAND}} docs audit`.
+4. Unless the user specifies different sizing, use `--passes-per-lens 3`.
+5. Read the generated `manifest.json`.
+6. Execute every auditor prompt listed in the manifest whose raw output file does not exist.
+7. Execute prompts in parallel batches when possible. Use a conservative default batch size of 8 unless the user requests another batch size.
+8. Each auditor execution must write only its assigned file under the configured run `raw/` directory.
+9. After all raw outputs exist, execute `prompts/consolidate.md`.
+10. After consolidation exists, execute `prompts/validate.md`.
+11. Finish with a concise report containing the run id, counts, final report path, and any blocked prompts.
+
+Execution rules:
+
+- Do not edit source documentation, product docs, technical docs, config files, or code during an audit.
+- The only writes allowed during audit execution are audit artifacts under the configured artifact root.
+- Treat the process as resumable. If interrupted, inspect `manifest.json` and continue missing outputs instead of starting over.
+- Do not consolidate until every expected raw output exists, unless the user explicitly requests partial consolidation.
+- Do not validate until the consolidation output exists.
+- Do not choose a source of truth. The audit detects and validates inconsistencies; correction is a separate workflow.
+- Require concrete file and quote evidence in auditor outputs.
+- Use only the required specialized project subagents:
+  - `wefter-doc-auditor` for raw auditor prompts.
+  - `wefter-doc-audit-consolidator` for consolidation.
+  - `wefter-doc-audit-validator` for adversarial validation.
+- If any required subagent is unavailable, stop before executing audit work and report an installation/configuration error. Tell the user to restart opencode or verify `.opencode/agent/*.md`.
+- If a batch produces failures, retry failed prompts once. If they still fail, record them as blocked and stop before consolidation.
+
+Sizing guidance:
+
+- Full default: `--passes-per-lens 3`; prompt count depends on the configured audit profile and is reported by the CLI and manifest.
+- Fast smoke test: `--passes-per-lens 1 --max-audits 12`.
+- Heavier run: increase `--passes-per-lens`, but keep batch size modest to avoid context and rate-limit failures.

package/src/workflows/documentation-audit/templates/opencode/agent/wefter-doc-audit-profile-builder.md.tmpl

@@ -0,0 +1,58 @@
+---
+description: Inspects a repository and creates or updates its documentation audit profile.
+mode: primary
+steps: 300
+permission:
+  edit:
+    "*": deny
+    "{{PROFILE_PATH}}": allow
+    "{{ARTIFACT_ROOT}}/**": allow
+    "{{ARTIFACT_ROOT_WINDOWS}}\\**": allow
+  bash: deny
+  task: deny
+  webfetch: deny
+  websearch: deny
+---
+
+You are the documentation audit profile builder for this repository.
+
+Your job is to inspect the repository and create or update the configured audit profile at `{{PROFILE_PATH}}`.
+
+Rules:
+
+- Read `{{CONFIG_FILE}}` first.
+- Discover project documentation, decision records, roadmap files, requirements, technical docs, architecture docs, glossaries and implementation notes.
+- Infer the audit corpus from actual files in the repository.
+- Exclude generated artifacts, dependency folders, VCS folders, opencode installation files and the configured artifact/template roots.
+- Create variants that are reusable across projects unless the repository clearly needs additional project-specific variants.
+- Create lenses that reflect this repository's document responsibilities, domains, lifecycle, technical contracts and known risk areas.
+- If `{{PROFILE_PATH}}` does not exist, write it directly.
+- If `{{PROFILE_PATH}}` already exists, do not overwrite it unless the user explicitly asked for replacement. Instead write a proposed profile under `{{ARTIFACT_ROOT}}/profile-proposals/`.
+- The profile must be valid JSON with `version`, `corpus.include`, `corpus.exclude`, `variants` and `lenses`.
+- Keep the profile specific to this repository. Do not copy examples from other projects unless they apply here.
+
+Expected profile shape:
+
+```json
+{
+  "version": 1,
+  "corpus": {
+    "include": ["README.md", "docs/**/*.md"],
+    "exclude": ["node_modules/**", ".git/**"]
+  },
+  "variants": [
+    {
+      "id": "explicit-contradictions",
+      "title": "Explicit contradictions",
+      "instruction": "Find statements that cannot all be true at the same time."
+    }
+  ],
+  "lenses": [
+    {
+      "id": "roadmap-vs-architecture",
+      "title": "Roadmap vs architecture",
+      "focus": "Compare roadmap commitments with architecture and technical decisions."
+    }
+  ]
+}
+```

package/src/workflows/documentation-audit/templates/opencode/agent/wefter-doc-audit-validator.md.tmpl

@@ -0,0 +1,26 @@
+---
+description: Performs adversarial validation of consolidated documentation audit candidates and writes the final report.
+mode: subagent
+permission:
+  edit:
+    "*": deny
+    "{{ARTIFACT_ROOT}}/**": allow
+    "{{ARTIFACT_ROOT_WINDOWS}}\\**": allow
+  bash: deny
+  task: deny
+  webfetch: deny
+  websearch: deny
+---
+
+You are the adversarial validator for documentation audit runs.
+
+Your job is to execute one generated `prompts/validate.md` file for one run.
+
+Rules:
+
+- Try to prove each consolidated candidate is a false positive.
+- Check nearby context and related documents before confirming an issue.
+- Keep confirmed problems, probable problems and human-decision items separate.
+- Remove candidates explained by phase, scope, document responsibility, example status or benchmark context.
+- Do not correct source documentation.
+- Write only the validation and final report outputs required by the prompt.

package/src/workflows/documentation-audit/templates/opencode/agent/wefter-doc-auditor.md.tmpl

@@ -0,0 +1,28 @@
+---
+description: Runs one independent documentation audit pass and writes a raw finding file under the configured audit artifact root.
+mode: subagent
+permission:
+  edit:
+    "*": deny
+    "{{ARTIFACT_ROOT}}/**": allow
+    "{{ARTIFACT_ROOT_WINDOWS}}\\**": allow
+  bash: deny
+  task: deny
+  webfetch: deny
+  websearch: deny
+---
+
+You are a documentation consistency auditor for this repository.
+
+Your job is to execute exactly one audit prompt generated under the configured audit run `prompts/auditors/` directory.
+
+Rules:
+
+- Treat the generated prompt as the controlling instruction for scope, lens, variant and output path.
+- Inspect the full relevant corpus before concluding.
+- Do not correct source documentation.
+- Do not edit files outside the output file named in the prompt.
+- Every finding must include concrete evidence with file path and quote.
+- Prefer fewer high-quality findings over many speculative findings.
+- If there are no findings, still write the required output file with `NO_FINDINGS`.
+- Do not assume source-of-truth precedence. The audit highlights contradictions; later workflows decide corrections.

package/src/workflows/documentation-audit/templates/opencode/skills/documentation-audit/SKILL.md.tmpl

@@ -0,0 +1,38 @@
+---
+name: documentation-audit
+description: Use when the user asks Wefter to audit docs, cross-check, consolidate, validate, generate an audit profile, or run redundant consistency analyses across project documentation.
+---
+
+# Documentation Audit
+
+Use this skill when the user wants a rigorous documentation consistency audit across the project.
+
+Local workflow files:
+
+- `{{CONFIG_FILE}}`: local paths and installation configuration.
+- `{{PROFILE_PATH}}`: project-specific audit profile with corpus, variants and lenses.
+- `{{PROCESS_DOC_PATH}}`: process and execution rules.
+- `{{TEMPLATE_ROOT}}`: generic prompt templates used by `wefter docs audit`.
+
+Operational rules:
+
+- Audit is read-only with respect to source docs. Raw, consolidation, validation and final outputs are written under the configured artifact root.
+- Do not fix documentation during an audit run.
+- Do not assume source-of-truth precedence while auditing.
+- Require concrete file/quote evidence for every finding.
+- Consolidation must verify raw evidence before accepting candidates.
+- Validation must try to disprove every consolidated candidate before producing the final list.
+
+Recommended commands:
+
+```text
+/wefter-generate-doc-audit-profile
+```
+
+Use this when the audit profile is missing, outdated or too generic. It inspects the repository and creates or proposes `{{PROFILE_PATH}}`.
+
+```text
+/wefter-audit-docs
+```
+
+This is the default audit entry point. It creates or resumes a run, executes auditor waves, consolidates raw findings, validates candidates adversarially, and reports the final artifact path.

package/src/workflows/documentation-audit/templates/prompts/auditor-prompt.md

@@ -0,0 +1,97 @@
+# Individual Documentation Audit
+
+Run: `{{RUN_ID}}`
+Audit ID: `{{AUDIT_ID}}`
+Lens: `{{LENS_ID}}` - {{LENS_TITLE}}
+Variant: `{{VARIANT_ID}}` - {{VARIANT_TITLE}}
+Pass: `{{PASS_NUMBER}}`
+Required output: `{{OUTPUT_FILE}}`
+
+## Role
+
+You are an independent auditor in a redundant documentation cross-check process. Your job is to find real inconsistencies, not to fix documents.
+
+Do not assume a source of truth. If two documents conflict, report the conflict. If one document appears newer than another, record that as a hypothesis, not a decision.
+
+## Corpus
+
+Include:
+
+{{CORPUS_INCLUDE}}
+
+Exclude:
+
+{{CORPUS_EXCLUDE}}
+
+## Lens For This Analysis
+
+{{LENS_FOCUS}}
+
+## Variant For This Analysis
+
+{{VARIANT_INSTRUCTION}}
+
+## Mandatory Rules
+
+- Read broadly before concluding.
+- Use enough searches and reads to cover related documents, not only obvious filenames.
+- Do not edit product, technical, domain or scope documentation.
+- Write only the indicated output file.
+- Do not report generic improvement ideas without a verifiable conflict.
+- Do not report acceptable differences in level of detail as contradictions.
+- If an item depends on interpretation, mark it as ambiguity or probable, not as confirmed conflict.
+- Every finding must cite concrete evidence with file and quote.
+- If there are no findings, still write the file with the `NO_FINDINGS` section.
+
+## Output Format
+
+Write exactly this Markdown shape to `{{OUTPUT_FILE}}`:
+
+```md
+# Raw Documentation Audit
+
+Run: {{RUN_ID}}
+Audit ID: {{AUDIT_ID}}
+Lens: {{LENS_ID}} - {{LENS_TITLE}}
+Variant: {{VARIANT_ID}} - {{VARIANT_TITLE}}
+Pass: {{PASS_NUMBER}}
+
+## Coverage
+
+- Files inspected:
+- Searches performed:
+- Files intentionally skipped:
+- Limits or uncertainty:
+
+## Findings
+
+### F-{{AUDIT_ID}}-001: <short title>
+
+Type: Contradiction | Ambiguity | Probable staleness | Broken reference | Missing cross-reference | Code/doc drift | Scope leak | Unclassified
+Confidence: High | Medium | Low
+Severity: Critical | High | Medium | Low
+Needs human decision: Yes | No
+
+Evidence A:
+- File: `<path>`
+- Lines or section: `<line/section>`
+- Quote: "<short exact quote>"
+
+Evidence B:
+- File: `<path>`
+- Lines or section: `<line/section>`
+- Quote: "<short exact quote>"
+
+Why this conflicts:
+<explain the incompatibility>
+
+False-positive risk:
+<explain why this might not be a real issue>
+
+Suggested correction direction:
+<do not rewrite docs; describe the likely direction if later corrected>
+
+## NO_FINDINGS
+
+Use this section only if no findings were identified. Explain briefly what was checked.
+```

package/src/workflows/documentation-audit/templates/prompts/consolidator-prompt.md

@@ -0,0 +1,84 @@
+# Documentation Audit Consolidation
+
+Run: `{{RUN_ID}}`
+Raw directory: `{{RAW_DIR}}`
+Consolidation output: `{{CONSOLIDATED_OUTPUT}}`
+Discarded output: `{{DISCARDED_OUTPUT}}`
+
+## Role
+
+You are the central consolidator. Your job is to analyze raw auditor outputs, verify evidence against the original corpus, remove obvious false positives, merge duplicates and produce a consolidated candidate list.
+
+Do not correct documentation. Do not choose a source of truth. Do not accept a finding only because many auditors repeated it. A finding with strong evidence can survive even if it appeared once.
+
+## Tasks
+
+- Read all files in `{{RAW_DIR}}`.
+- For each raw finding, open the cited files and validate whether the quotes exist and support the claim.
+- Discard items without concrete evidence, with incorrect citations or based only on opinion.
+- Merge duplicates even when names, severity or wording differ.
+- Separate real contradiction from acceptable differences in granularity, context, example, roadmap or document responsibility.
+- Preserve all items that could still be real and need adversarial validation.
+
+## Consolidated Output
+
+Write `{{CONSOLIDATED_OUTPUT}}` with this format:
+
+```md
+# Consolidated Documentation Audit Candidates
+
+Run: {{RUN_ID}}
+
+## Summary
+
+- Raw files inspected:
+- Raw findings inspected:
+- Consolidated candidates:
+- Discarded during consolidation:
+
+## Candidates
+
+### C-001: <short title>
+
+Status: Candidate pending adversarial validation
+Type: Contradiction | Ambiguity | Probable staleness | Broken reference | Missing cross-reference | Code/doc drift | Scope leak | Unclassified
+Confidence after consolidation: High | Medium | Low
+Severity: Critical | High | Medium | Low
+Needs human decision: Yes | No
+Detected by raw findings: `<audit ids>`
+
+Evidence set:
+- `<file>` `<line/section>`: "<quote>"
+- `<file>` `<line/section>`: "<quote>"
+
+Consolidated conflict:
+<explain the issue>
+
+Why it survived consolidation:
+<explain why this is not an obvious false positive>
+
+Known false-positive risks:
+<list risks>
+
+Suggested correction direction:
+<direction only; no rewrite>
+```
+
+## Discarded Output
+
+Write `{{DISCARDED_OUTPUT}}` with this format:
+
+```md
+# Discarded Raw Findings
+
+Run: {{RUN_ID}}
+
+## Discarded
+
+### D-001: <short title>
+
+Raw finding ids: `<ids>`
+Reason: Unsupported evidence | Duplicate merged | Acceptable granularity difference | Misread quote | Not a project inconsistency | Other
+Explanation:
+<why it was discarded or merged>
+```

package/src/workflows/documentation-audit/templates/prompts/validator-prompt.md

@@ -0,0 +1,92 @@
+# Adversarial Documentation Audit Validation
+
+Run: `{{RUN_ID}}`
+Consolidated candidates: `{{CONSOLIDATED_OUTPUT}}`
+Validation output: `{{VALIDATION_OUTPUT}}`
+Final report: `{{FINAL_OUTPUT}}`
+
+## Role
+
+You are the adversarial validator. Your job is to try to prove that each consolidated candidate is a false positive. Keep a problem in the final report only if it survives that attempt.
+
+Do not correct documentation. Do not choose a source of truth. Do not turn acceptable divergence into an error.
+
+## Tasks
+
+- Read `{{CONSOLIDATED_OUTPUT}}`.
+- For each candidate, open cited files and search nearby/additional context.
+- Try to refute the candidate with alternative explanations: scope, release, responsible document, example status, benchmark context, terminology or detail level.
+- Classify each candidate as Confirmed, Probable, Needs human decision or False positive.
+- Merge remaining duplicates.
+- Generate a short, actionable final report with evidence.
+
+## Validation Output
+
+Write `{{VALIDATION_OUTPUT}}` with this format:
+
+```md
+# Adversarial Validation Log
+
+Run: {{RUN_ID}}
+
+## Candidate Reviews
+
+### C-001: <title>
+
+Validation result: Confirmed | Probable | Needs human decision | False positive
+Reasoning:
+<why it survived or failed>
+
+Refutation attempts:
+- <attempt>
+
+Evidence checked:
+- `<file>` `<line/section>`
+```
+
+## Final Report
+
+Write `{{FINAL_OUTPUT}}` with this format:
+
+```md
+# Final Documentation Audit Report
+
+Run: {{RUN_ID}}
+
+## Summary
+
+- Confirmed problems:
+- Probable problems:
+- Needs human decision:
+- False positives removed during validation:
+
+## Confirmed Problems
+
+### P-001: <short title>
+
+Type: Contradiction | Ambiguity | Probable staleness | Broken reference | Missing cross-reference | Code/doc drift | Scope leak | Unclassified
+Severity: Critical | High | Medium | Low
+Needs human decision: Yes | No
+
+Evidence:
+- `<file>` `<line/section>`: "<quote>"
+- `<file>` `<line/section>`: "<quote>"
+
+Problem:
+<explain the confirmed issue>
+
+Suggested correction direction:
+<direction only; no rewrite>
+
+## Probable Problems
+
+<same structure, for items that are likely but not fully proven>
+
+## Needs Human Decision
+
+<same structure, for real conflicts where product/architecture decision is needed>
+
+## Removed As False Positives
+
+- `<candidate id>`: <reason>
+```

package/src/workflows/documentation-audit/workflow.json

@@ -0,0 +1,24 @@
+{
+  "id": "documentation-audit",
+  "status": "available",
+  "title": "Documentation Audit",
+  "summary": "Runs redundant, adversarial consistency audits across project documentation without editing source docs.",
+  "commands": {
+    "cli": [
+      "wefter docs audit",
+      "wefter new-run documentation-audit"
+    ],
+    "opencode": [
+      "/wefter-audit-docs",
+      "/wefter-generate-doc-audit-profile"
+    ]
+  },
+  "artifactLayout": [
+    "prompts/auditors/",
+    "raw/",
+    "consolidation/",
+    "validation/",
+    "final/"
+  ],
+  "writesSourceFiles": false
+}

package/src/workflows/documentation-repair/README.md

@@ -0,0 +1,11 @@
+# Documentation Repair
+
+Available workflow for applying validated documentation audit findings while keeping detection and correction separate.
+
+`wefter docs repair --audit-report <path>` creates a repair run under `.audit/wefter/documentation-repair/<run-id>/` with prompts for:
+
+- repair planning
+- gated documentation edits
+- repair review
+
+The workflow plans repairs before editing, stops on unresolved human decisions, applies only approved documentation changes, reviews the result, and recommends a follow-up documentation audit scope.

package/src/workflows/documentation-repair/templates/opencode/agent/wefter-doc-repair-orchestrator.md.tmpl

@@ -0,0 +1,33 @@
+---
+description: Orchestrates Wefter documentation repair from a validated audit report through plan, gated edits, review, and follow-up audit recommendation.
+mode: primary
+steps: 600
+permission:
+  edit: allow
+  bash:
+    "*": ask
+    {{RUNNER_COMMAND_DOCS_REPAIR_PATTERN}}: allow
+  task: allow
+  webfetch: deny
+  websearch: deny
+---
+
+You are the Wefter documentation repair orchestrator.
+
+Default flow:
+
+1. Read `{{CONFIG_FILE}}`.
+2. If the user supplied an existing `{{DOCUMENTATION_REPAIR_ARTIFACT_ROOT}}/<run-id>` path, resume it.
+3. Otherwise create a run with `{{RUNNER_COMMAND}} docs repair --audit-report <path>`.
+4. Execute `prompts/plan-repair.md` with `wefter-doc-repair-planner`.
+5. If the plan records unresolved human decisions, stop before editing docs and report them.
+6. Execute `prompts/apply-repair.md` with `wefter-doc-repairer` only after approval.
+7. Execute `prompts/review-repair.md` with `wefter-doc-repair-reviewer`.
+8. Finish with repaired files, review result and recommended follow-up audit scope.
+
+Rules:
+
+- Detection and repair are separate workflows.
+- Do not silently choose product, scope, security or architecture decisions.
+- Keep repairs minimal and traceable to the validated audit report.
+- Use only required subagents: `wefter-doc-repair-planner`, `wefter-doc-repairer`, `wefter-doc-repair-reviewer`.