@wefter/opencode 0.2.0 → 0.3.0

package/src/workflows/product-shaping/templates/default-config.json

@@ -1,34 +1,34 @@
-{
-  "version": 1,
-  "workflowName": "product-shaping",
-  "releaseId": "01_mvp",
-  "specRoot": ".wefter/specs",
-  "runRoot": ".wefter/runs/product-shaping",
-  "contractPath": ".wefter/workflows/product-shaping/contracts/product-spec-contract.json",
-  "processDocPath": ".wefter/workflows/product-shaping/README.md",
-  "requiredFiles": [
-    "README.md",
-    "discovery/SOURCE_MATERIALS.md",
-    "discovery/IDEA_BRIEF.md",
-    "discovery/OPEN_QUESTIONS.md",
-    "references/README.md",
-    "PRODUCT_VISION.md",
-    "product/FEATURE_CATALOG.md",
-    "product/MODULE_ROADMAP.md",
-    "product/DOMAIN_MODEL.md",
-    "product/OPERATIONAL_FLOW.md",
-    "product/PRODUCT_DECISIONS.md",
-    "releases/README.md",
-    "releases/<release-id>/README.md",
-    "releases/<release-id>/SCOPE.md",
-    "releases/<release-id>/DOMAIN_SPEC.md",
-    "releases/<release-id>/ACCEPTANCE_CRITERIA.md",
-    "releases/<release-id>/DELIVERABLES.md"
-  ],
-  "completionGate": {
-    "requireNoReleaseBlockingQuestions": true,
-    "requireAdversarialReview": true,
-    "requireFinalValidation": true,
-    "readyDeliverableStatuses": ["ready"]
-  }
-}
+{
+  "version": 1,
+  "workflowName": "product-shaping",
+  "releaseId": "01_mvp",
+  "specRoot": ".wefter/specs",
+  "runRoot": ".wefter/runs/product-shaping",
+  "contractPath": ".wefter/workflows/product-shaping/contracts/product-spec-contract.json",
+  "processDocPath": ".wefter/workflows/product-shaping/README.md",
+  "requiredFiles": [
+    "README.md",
+    "discovery/SOURCE_MATERIALS.md",
+    "discovery/IDEA_BRIEF.md",
+    "discovery/OPEN_QUESTIONS.md",
+    "references/README.md",
+    "PRODUCT_VISION.md",
+    "product/FEATURE_CATALOG.md",
+    "product/MODULE_ROADMAP.md",
+    "product/DOMAIN_MODEL.md",
+    "product/OPERATIONAL_FLOW.md",
+    "product/PRODUCT_DECISIONS.md",
+    "releases/README.md",
+    "releases/<release-id>/README.md",
+    "releases/<release-id>/SCOPE.md",
+    "releases/<release-id>/DOMAIN_SPEC.md",
+    "releases/<release-id>/ACCEPTANCE_CRITERIA.md",
+    "releases/<release-id>/DELIVERABLES.md"
+  ],
+  "completionGate": {
+    "requireNoReleaseBlockingQuestions": true,
+    "requireAdversarialReview": true,
+    "requireFinalValidation": true,
+    "readyDeliverableStatuses": ["ready"]
+  }
+}

package/src/workflows/product-shaping/templates/default-profile.json

@@ -1,48 +1,48 @@
-{
-  "version": 1,
-  "workflowName": "product-shaping",
-  "variants": [
-    {
-      "id": "source-traceability",
-      "title": "Source traceability",
-      "instruction": "Find product ideas, requirements, scope items, domain rules or deliverables that lack traceability to source materials, market references or recorded product decisions."
-    },
-    {
-      "id": "scope-and-boundary",
-      "title": "Scope and boundary",
-      "instruction": "Find places where vision, feature catalog, roadmap, release scope, domain spec, acceptance criteria or deliverables overreach their documented responsibility."
-    },
-    {
-      "id": "decision-and-question-gates",
-      "title": "Decision and question gates",
-      "instruction": "Find unresolved questions, proposed decisions, ambiguous domain behavior or scope choices that should block release readiness or delivery handoff."
-    },
-    {
-      "id": "handoff-readiness",
-      "title": "Handoff readiness",
-      "instruction": "Find deliverables that are too broad, too task-like, missing source docs, missing acceptance links or not ready for delivery implementation."
-    }
-  ],
-  "lenses": [
-    {
-      "id": "doctrine-vs-spec-tree",
-      "title": "Doctrine vs spec tree",
-      "focus": "Compare generated product specs against the product-shaping README, file contracts, creation order, utilization order and precedence rules."
-    },
-    {
-      "id": "release-source-of-truth",
-      "title": "Release source of truth",
-      "focus": "Compare SCOPE.md, DOMAIN_SPEC.md, ACCEPTANCE_CRITERIA.md and DELIVERABLES.md for contradiction, omission and scope drift."
-    },
-    {
-      "id": "product-decision-integrity",
-      "title": "Product decision integrity",
-      "focus": "Compare OPEN_QUESTIONS.md and PRODUCT_DECISIONS.md against generated specs to ensure open questions remain visible and closed decisions are explicit."
-    },
-    {
-      "id": "delivery-handoff",
-      "title": "Delivery handoff",
-      "focus": "Evaluate whether DELIVERABLES.md is the only implementation handoff, contains valid statuses and avoids task-level implementation detail."
-    }
-  ]
-}
+{
+  "version": 1,
+  "workflowName": "product-shaping",
+  "variants": [
+    {
+      "id": "source-traceability",
+      "title": "Source traceability",
+      "instruction": "Find product ideas, requirements, scope items, domain rules or deliverables that lack traceability to source materials, market references or recorded product decisions."
+    },
+    {
+      "id": "scope-and-boundary",
+      "title": "Scope and boundary",
+      "instruction": "Find places where vision, feature catalog, roadmap, release scope, domain spec, acceptance criteria or deliverables overreach their documented responsibility."
+    },
+    {
+      "id": "decision-and-question-gates",
+      "title": "Decision and question gates",
+      "instruction": "Find unresolved questions, proposed decisions, ambiguous domain behavior or scope choices that should block release readiness or delivery handoff."
+    },
+    {
+      "id": "handoff-readiness",
+      "title": "Handoff readiness",
+      "instruction": "Find deliverables that are too broad, too task-like, missing source docs, missing acceptance links or not ready for delivery implementation."
+    }
+  ],
+  "lenses": [
+    {
+      "id": "doctrine-vs-spec-tree",
+      "title": "Doctrine vs spec tree",
+      "focus": "Compare generated product specs against the product-shaping README, file contracts, creation order, utilization order and precedence rules."
+    },
+    {
+      "id": "release-source-of-truth",
+      "title": "Release source of truth",
+      "focus": "Compare SCOPE.md, DOMAIN_SPEC.md, ACCEPTANCE_CRITERIA.md and DELIVERABLES.md for contradiction, omission and scope drift."
+    },
+    {
+      "id": "product-decision-integrity",
+      "title": "Product decision integrity",
+      "focus": "Compare OPEN_QUESTIONS.md and PRODUCT_DECISIONS.md against generated specs to ensure open questions remain visible and closed decisions are explicit."
+    },
+    {
+      "id": "delivery-handoff",
+      "title": "Delivery handoff",
+      "focus": "Evaluate whether DELIVERABLES.md is the only implementation handoff, contains valid statuses and avoids task-level implementation detail."
+    }
+  ]
+}

package/src/workflows/product-shaping/templates/documentation-audit/workflow-self-audit-auditor-prompt.md

@@ -1,116 +1,117 @@
-# Workflow Self Audit
-
-Run: `{{RUN_ID}}`
-Audit ID: `{{AUDIT_ID}}`
-Lens: `{{LENS_ID}}` - {{LENS_TITLE}}
-Variant: `{{VARIANT_ID}}` - {{VARIANT_TITLE}}
-Pass: `{{PASS_NUMBER}}`
-Required output: `{{OUTPUT_FILE}}`
-
-## Role
-
-You are a Wefter workflow self-auditor.
-
-This is not a generic documentation audit. Your job is to verify whether the product-shaping workflow can be safely published or kept available.
-
-Treat `src/workflows/product-shaping/README.md` as the declared product-shaping doctrine. Treat `CHANGELOG.md`, root `README.md` and files under `docs/` as release and public documentation claims. Treat schemas, contracts, prompt templates, OpenCode agents, skills, CLI behavior, tests, manifests and package metadata as derived artifacts.
-
-A derived artifact is wrong when it contradicts the product-shaping README unless the README itself conflicts with another hard rule, `CHANGELOG.md` or an explicit release decision. Treat prior review findings, seed prompts and existing audit artifacts as hypotheses, not conclusions.
-
-## Corpus
-
-Include:
-
-{{CORPUS_INCLUDE}}
-
-Exclude:
-
-{{CORPUS_EXCLUDE}}
-
-## Lens For This Analysis
-
-{{LENS_FOCUS}}
-
-## Variant For This Analysis
-
-{{VARIANT_INSTRUCTION}}
-
-## Depth Requirements
-
-Run this audit as a deep trace, not a keyword scan.
-
-1. Extract the README obligations relevant to this lens before judging derived artifacts.
-2. Trace those obligations across at least three artifact classes when they are relevant: schemas/contracts, CLI/runtime, prompt templates, OpenCode agents/skill, tests, public docs, package metadata or generated manifest shape.
-3. For each suspected issue, look for a refutation before reporting it: explicit exception text, scoped compatibility language, prompt-owned enforcement, human-gate ownership, or tests that prove the behavior is intentional.
-4. For runtime, handoff, path or validation claims, reason about at least one concrete success or bypass scenario. If you do not execute a scenario, state that limitation in Coverage.
-5. For release hygiene claims, inspect public docs and package metadata. If the lens asks about generated or untracked artifacts and you cannot inspect worktree status, state that limitation instead of assuming cleanliness.
-6. Do not stop after the first finding. After finding an issue, continue checking adjacent artifacts for a related second-order issue or a refutation.
-
-For `NO_FINDINGS`, explain which README obligations and artifact classes were checked.
-
-## Mandatory Rules
-
-- Read broadly before concluding.
-- Inspect Markdown, JSON, JavaScript, templates, tests and package metadata when they are in scope.
-- For CLI/runtime claims, compare docs against command dispatch, validation logic, generated manifests and tests.
-- For OpenCode claims, compare command templates, agent permissions, skill guidance and runner allowlists.
-- Do not edit source files.
-- Write only the indicated output file.
-- Do not report generic improvement ideas without a verifiable workflow consistency problem.
-- Do not report acceptable differences in level of detail as contradictions.
-- If an item depends on interpretation, mark it as ambiguity or probable, not as confirmed conflict.
-- Every finding must cite concrete evidence with file and quote.
-- If there are no findings, still write the file with the `NO_FINDINGS` section.
-
-## Output Format
-
-Write exactly this Markdown shape to `{{OUTPUT_FILE}}`:
-
-```md
-# Raw Documentation Audit
-
-Run: {{RUN_ID}}
-Audit ID: {{AUDIT_ID}}
-Lens: {{LENS_ID}} - {{LENS_TITLE}}
-Variant: {{VARIANT_ID}} - {{VARIANT_TITLE}}
-Pass: {{PASS_NUMBER}}
-
-## Coverage
-
-- Files inspected:
-- Searches performed:
-- Files intentionally skipped:
-- Limits or uncertainty:
-
-## Findings
-
-### F-{{AUDIT_ID}}-001: <short title>
-
-Type: Contradiction | Ambiguity | Probable staleness | Broken reference | Missing cross-reference | Code/doc drift | Scope leak | Unclassified
-Confidence: High | Medium | Low
-Severity: Critical | High | Medium | Low
-Needs human decision: Yes | No
-
-Evidence A:
-- File: `<path>`
-- Lines or section: `<line/section>`
-- Quote: "<short exact quote>"
-
-Evidence B:
-- File: `<path>`
-- Lines or section: `<line/section>`
-- Quote: "<short exact quote>"
-
-Why this conflicts:
-<explain the incompatibility>
-
-False-positive risk:
-<explain why this might not be a real issue>
-
-Suggested correction direction:
-<do not rewrite docs; describe the likely direction if later corrected>
-
-## NO_FINDINGS
-
-Use this section only if no findings were identified. Explain briefly what was checked.
-```
+# Workflow Self Audit
+
+Run: `{{RUN_ID}}`
+Audit ID: `{{AUDIT_ID}}`
+Lens: `{{LENS_ID}}` - {{LENS_TITLE}}
+Variant: `{{VARIANT_ID}}` - {{VARIANT_TITLE}}
+Pass: `{{PASS_NUMBER}}`
+Required output: `{{OUTPUT_FILE}}`
+
+## Role
+
+You are a Wefter workflow self-auditor.
+
+This is not a generic documentation audit. Your job is to verify whether the product-shaping workflow can be safely published or kept available.
+
+Treat `src/workflows/product-shaping/README.md` as the declared product-shaping doctrine. Treat `CHANGELOG.md`, root `README.md` and files under `docs/` as release and public documentation claims. Treat schemas, contracts, prompt templates, OpenCode agents, skills, CLI behavior, tests, manifests and package metadata as derived artifacts.
+
+A derived artifact is wrong when it contradicts the product-shaping README unless the README itself conflicts with another hard rule, `CHANGELOG.md` or an explicit release decision. Treat prior review findings, seed prompts and existing audit artifacts as hypotheses, not conclusions.
+
+## Corpus
+
+Include:
+
+{{CORPUS_INCLUDE}}
+
+Exclude:
+
+{{CORPUS_EXCLUDE}}
+
+## Lens For This Analysis
+
+{{LENS_FOCUS}}
+
+## Variant For This Analysis
+
+{{VARIANT_INSTRUCTION}}
+
+## Depth Requirements
+
+Run this audit as a deep trace, not a keyword scan.
+
+1. Extract the README obligations relevant to this lens before judging derived artifacts.
+2. Trace those obligations across at least three artifact classes when they are relevant: schemas/contracts, CLI/runtime, prompt templates, OpenCode agents/skill, tests, public docs, package metadata or generated manifest shape.
+3. For each suspected issue, look for a refutation before reporting it: explicit exception text, scoped compatibility language, prompt-owned enforcement, human-gate ownership, or tests that prove the behavior is intentional.
+4. For runtime, handoff, path or validation claims, reason about at least one concrete success or bypass scenario. If you do not execute a scenario, state that limitation in Coverage.
+5. For release hygiene claims, inspect public docs and package metadata. If the lens asks about generated or untracked artifacts and you cannot inspect worktree status, state that limitation instead of assuming cleanliness.
+6. Do not stop after the first finding. After finding an issue, continue checking adjacent artifacts for a related second-order issue or a refutation.
+
+For `NO_FINDINGS`, explain which README obligations and artifact classes were checked.
+
+## Mandatory Rules
+
+- Read broadly before concluding.
+- Inspect Markdown, JSON, JavaScript, templates, tests and package metadata when they are in scope.
+- For CLI/runtime claims, compare docs against command dispatch, validation logic, generated manifests and tests.
+- For OpenCode claims, compare command templates, agent permissions, skill guidance and runner allowlists.
+- Do not edit source files.
+- Write only the indicated output file.
+- Do not report generic improvement ideas without a verifiable workflow consistency problem.
+- Do not report acceptable differences in level of detail as contradictions.
+- If an item depends on interpretation, mark it as ambiguity or probable, not as confirmed conflict.
+- Every finding must cite concrete evidence with file and quote.
+- If there are no findings, still write the file with the `NO_FINDINGS` section.
+- If the runtime prevents writing `{{OUTPUT_FILE}}`, stop immediately and report that blocker. Do not continue auditing indefinitely.
+
+## Output Format
+
+Write exactly this Markdown shape to `{{OUTPUT_FILE}}`:
+
+```md
+# Raw Documentation Audit
+
+Run: {{RUN_ID}}
+Audit ID: {{AUDIT_ID}}
+Lens: {{LENS_ID}} - {{LENS_TITLE}}
+Variant: {{VARIANT_ID}} - {{VARIANT_TITLE}}
+Pass: {{PASS_NUMBER}}
+
+## Coverage
+
+- Files inspected:
+- Searches performed:
+- Files intentionally skipped:
+- Limits or uncertainty:
+
+## Findings
+
+### F-{{AUDIT_ID}}-001: <short title>
+
+Type: Contradiction | Ambiguity | Probable staleness | Broken reference | Missing cross-reference | Code/doc drift | Scope leak | Unclassified
+Confidence: High | Medium | Low
+Severity: Critical | High | Medium | Low
+Needs human decision: Yes | No
+
+Evidence A:
+- File: `<path>`
+- Lines or section: `<line/section>`
+- Quote: "<short exact quote>"
+
+Evidence B:
+- File: `<path>`
+- Lines or section: `<line/section>`
+- Quote: "<short exact quote>"
+
+Why this conflicts:
+<explain the incompatibility>
+
+False-positive risk:
+<explain why this might not be a real issue>
+
+Suggested correction direction:
+<do not rewrite docs; describe the likely direction if later corrected>
+
+## NO_FINDINGS
+
+Use this section only if no findings were identified. Explain briefly what was checked.
+```

package/src/workflows/product-shaping/templates/documentation-audit-profile.json

@@ -1,80 +1,80 @@
-{
-  "version": 1,
-  "auditorPromptPath": "src/workflows/product-shaping/templates/documentation-audit/workflow-self-audit-auditor-prompt.md",
-  "corpus": {
-    "include": [
-      "src/workflows/product-shaping/**",
-      "schemas/product-shaping-*.schema.json",
-      "schemas/wefter.config.schema.json",
-      "src/cli/main.js",
-      "test/cli.test.js",
-      "docs/**",
-      "CHANGELOG.md",
-      "package.json",
-      ".gitignore",
-      "README.md",
-      "wefter.config.json"
-    ],
-    "exclude": [
-      "node_modules/**",
-      ".git/**",
-      ".audit/**",
-      ".wefter/runs/**",
-      ".opencode/**"
-    ]
-  },
-  "variants": [
-    {
-      "id": "doctrine-drift",
-      "title": "Doctrine drift",
-      "instruction": "Find derived schemas, configs, prompts, agents, skills, CLI defaults or docs that contradict src/workflows/product-shaping/README.md."
-    },
-    {
-      "id": "missing-enforcement",
-      "title": "Missing enforcement",
-      "instruction": "Find README hard rules, completion gates, precedence rules or role boundaries that are not represented in derived artifacts."
-    },
-    {
-      "id": "legacy-vocabulary-leak",
-      "title": "Legacy vocabulary leak",
-      "instruction": "Find unintended use of legacy vocabulary such as phase, work unit or slice where release or deliverable should be canonical."
-    },
-    {
-      "id": "path-defaults",
-      "title": "Path defaults",
-      "instruction": "Find product-shaping defaults that write specs or runs outside .wefter/specs, .wefter/workflows or .wefter/runs without explicit config override."
-    }
-  ],
-  "lenses": [
-    {
-      "id": "doctrine-contract-surface",
-      "title": "Doctrine and contract surface",
-      "focus": "Extract the product-shaping README obligations for roots, vocabulary, required files, completion gates, handoff and availability. Compare them against workflow.json, default config/profile, schemas, structured contracts and generated manifest shape. Look for contradictions, under-specified dynamic placeholders, weak schema constraints and missing representation of mandatory doctrine."
-    },
-    {
-      "id": "spec-lifecycle-precedence",
-      "title": "Spec lifecycle and precedence",
-      "focus": "Audit the full product spec lifecycle: creation order, utilization order, file responsibilities, precedence rules, drift prevention, OPEN_QUESTIONS handling, PRODUCT_DECISIONS handling and reference-file dynamics. Compare README doctrine against contracts, prompts, validators, schemas and tests. Find order conflicts, skipped living documents, silent decision paths and ambiguous ownership."
-    },
-    {
-      "id": "runtime-gates-and-bypasses",
-      "title": "Runtime gates and bypasses",
-      "focus": "Audit CLI runtime behavior for product shape, product validate and work-unit handoff consumption. Compare docs and doctrine against command dispatch, config loading, path normalization, run generation, DELIVERABLES parsing, completion evidence, handoff compatibility, manifest trust and tests. Look for safe-equivalent path bypasses, stale evidence acceptance, documented-valid artifacts that fail validation and invalid artifacts that pass."
-    },
-    {
-      "id": "prompts-agents-opencode-execution",
-      "title": "Prompts, agents and OpenCode execution",
-      "focus": "Audit prompt templates, OpenCode agents, skill guidance, command registration, permissions and runner allowlists as one executable flow. Verify role boundaries, source-of-truth handling, hard stop conditions, read order, write permissions and whether the advertised product-shaping flow can run from shape through validation without inventing decisions or creating task specs."
-    },
-    {
-      "id": "public-release-and-package-hygiene",
-      "title": "Public release and package hygiene",
-      "focus": "Audit CHANGELOG.md, root README, docs, installation guidance, architecture docs, safety docs, self-audit docs, package metadata, .gitignore and release-facing claims. Compare public availability claims against executable behavior and package contents. Look for stale command lists, generated/private artifact leakage, ignored-output mistakes and docs that overstate what the runtime enforces."
-    },
-    {
-      "id": "tests-and-regression-coverage",
-      "title": "Tests and regression coverage",
-      "focus": "Audit whether tests actually protect product-shaping availability, path safety, schema/runtime alignment, OpenCode installation, completion gates, DELIVERABLES handoff and known adversarial edge cases. Compare tests against README hard rules, CHANGELOG claims and runtime behavior. Find important claims with no regression test, tests that encode undocumented behavior and happy-path-only coverage for risky gates."
-    }
-  ]
-}
+{
+  "version": 1,
+  "auditorPromptPath": "src/workflows/product-shaping/templates/documentation-audit/workflow-self-audit-auditor-prompt.md",
+  "corpus": {
+    "include": [
+      "src/workflows/product-shaping/**",
+      "schemas/product-shaping-*.schema.json",
+      "schemas/wefter.config.schema.json",
+      "src/cli/main.js",
+      "test/cli.test.js",
+      "docs/**",
+      "CHANGELOG.md",
+      "package.json",
+      ".gitignore",
+      "README.md",
+      "wefter.config.json"
+    ],
+    "exclude": [
+      "node_modules/**",
+      ".git/**",
+      ".audit/**",
+      ".wefter/runs/**",
+      ".opencode/**"
+    ]
+  },
+  "variants": [
+    {
+      "id": "doctrine-drift",
+      "title": "Doctrine drift",
+      "instruction": "Find derived schemas, configs, prompts, agents, skills, CLI defaults or docs that contradict src/workflows/product-shaping/README.md."
+    },
+    {
+      "id": "missing-enforcement",
+      "title": "Missing enforcement",
+      "instruction": "Find README hard rules, completion gates, precedence rules or role boundaries that are not represented in derived artifacts."
+    },
+    {
+      "id": "legacy-vocabulary-leak",
+      "title": "Legacy vocabulary leak",
+      "instruction": "Find unintended use of legacy vocabulary such as phase, work unit or slice where release or deliverable should be canonical."
+    },
+    {
+      "id": "path-defaults",
+      "title": "Path defaults",
+      "instruction": "Find product-shaping defaults that write specs or runs outside .wefter/specs, .wefter/workflows or .wefter/runs without explicit config override."
+    }
+  ],
+  "lenses": [
+    {
+      "id": "doctrine-contract-surface",
+      "title": "Doctrine and contract surface",
+      "focus": "Extract the product-shaping README obligations for roots, vocabulary, required files, completion gates, handoff and availability. Compare them against workflow.json, default config/profile, schemas, structured contracts and generated manifest shape. Look for contradictions, under-specified dynamic placeholders, weak schema constraints and missing representation of mandatory doctrine."
+    },
+    {
+      "id": "spec-lifecycle-precedence",
+      "title": "Spec lifecycle and precedence",
+      "focus": "Audit the full product spec lifecycle: creation order, utilization order, file responsibilities, precedence rules, drift prevention, OPEN_QUESTIONS handling, PRODUCT_DECISIONS handling and reference-file dynamics. Compare README doctrine against contracts, prompts, validators, schemas and tests. Find order conflicts, skipped living documents, silent decision paths and ambiguous ownership."
+    },
+    {
+      "id": "runtime-gates-and-bypasses",
+      "title": "Runtime gates and bypasses",
+      "focus": "Audit CLI runtime behavior for product shape, product validate and work-unit handoff consumption. Compare docs and doctrine against command dispatch, config loading, path normalization, run generation, DELIVERABLES parsing, completion evidence, handoff compatibility, manifest trust and tests. Look for safe-equivalent path bypasses, stale evidence acceptance, documented-valid artifacts that fail validation and invalid artifacts that pass."
+    },
+    {
+      "id": "prompts-agents-opencode-execution",
+      "title": "Prompts, agents and OpenCode execution",
+      "focus": "Audit prompt templates, OpenCode agents, skill guidance, command registration, permissions and runner allowlists as one executable flow. Verify role boundaries, source-of-truth handling, hard stop conditions, read order, write permissions and whether the advertised product-shaping flow can run from shape through validation without inventing decisions or creating task specs."
+    },
+    {
+      "id": "public-release-and-package-hygiene",
+      "title": "Public release and package hygiene",
+      "focus": "Audit CHANGELOG.md, root README, docs, installation guidance, architecture docs, safety docs, self-audit docs, package metadata, .gitignore and release-facing claims. Compare public availability claims against executable behavior and package contents. Look for stale command lists, generated/private artifact leakage, ignored-output mistakes and docs that overstate what the runtime enforces."
+    },
+    {
+      "id": "tests-and-regression-coverage",
+      "title": "Tests and regression coverage",
+      "focus": "Audit whether tests actually protect product-shaping availability, path safety, schema/runtime alignment, OpenCode installation, completion gates, DELIVERABLES handoff and known adversarial edge cases. Compare tests against README hard rules, CHANGELOG claims and runtime behavior. Find important claims with no regression test, tests that encode undocumented behavior and happy-path-only coverage for risky gates."
+    }
+  ]
+}

package/src/workflows/product-shaping/templates/opencode/agent/wefter-product-auditor.md.tmpl

@@ -1,22 +1,22 @@
----
-description: Audits Wefter product specs for contradiction, omission, overreach, ambiguity and drift without editing specs.
-mode: subagent
-permission:
-  edit:
-    "*": deny
-    "{{PRODUCT_SHAPING_RUN_ROOT}}/**": allow
-    "{{PRODUCT_SHAPING_RUN_ROOT_WINDOWS}}\\**": allow
-  bash: deny
-  task: deny
-  webfetch: deny
-  websearch: deny
----
-
-You are the Wefter product auditor.
-
-Rules:
-
-- Do not edit product specs while auditing.
-- Write findings only under the configured product-shaping run.
-- Classify conflicts using precedence rules, but do not silently repair them.
-- Prioritize blocking findings that affect release scope, domain behavior, acceptance criteria or deliverable handoff.
+---
+description: Audits Wefter product specs for contradiction, omission, overreach, ambiguity and drift without editing specs.
+mode: subagent
+permission:
+  edit:
+    "*": deny
+    "{{PRODUCT_SHAPING_RUN_ROOT}}/**": allow
+    "{{PRODUCT_SHAPING_RUN_ROOT_WINDOWS}}\\**": allow
+  bash: deny
+  task: deny
+  webfetch: deny
+  websearch: deny
+---
+
+You are the Wefter product auditor.
+
+Rules:
+
+- Do not edit product specs while auditing.
+- Write findings only under the configured product-shaping run.
+- Classify conflicts using precedence rules, but do not silently repair them.
+- Prioritize blocking findings that affect release scope, domain behavior, acceptance criteria or deliverable handoff.