@wooojin/forgen 0.2.0 → 0.3.0

package/CHANGELOG.md

@@ -5,6 +5,78 @@ All notable changes to forgen will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [0.3.0] - 2026-04-15
+
+### BREAKING
+
+- **Skill consolidation: 21 → 10**. Removed: refactor, tdd, testing-strategy, documentation, git-master, ecomode, specify, performance, incident-response, database, frontend, ci-cd, api-design, debug-detective, migrate, security-review. Most were generic checklists; their content is better handled by Claude natively or absorbed into remaining skills.
+- **Agent consolidation: 19 → 12**. Removed: performance-reviewer, security-reviewer (merged into code-reviewer as review perspectives), refactoring-expert, code-simplifier (merged into executor), scientist, qa-tester (merged into verifier), writer.
+- **Custom frontmatter removed**: Agents no longer use `tier` and `lane` fields (Claude Code ignored them anyway).
+
+### Added
+
+- **5 new skills** designed from best-in-class research (OMC ralph, gstack /ship, /retro, /learn):
+  - `forge-loop`: PRD-based iteration with Stop hook persistence. Prevents polite-stop anti-pattern.
+  - `ship`: 15-step automated release pipeline with "never ask, just do" philosophy + Review Readiness Dashboard + Verification Gate.
+  - `retro`: Weekly retrospective with git analysis + compound health + learning trend + compare mode.
+  - `learn`: Compound knowledge management — 5 subcommands (search/stats/prune/export/import) with stale & duplicate detection.
+  - `calibrate`: Evidence-based profile adjustment — quantitative protocol, 3-correction threshold, max 2 axes per calibration.
+- **Stop hook forge-loop integration** (`context-guard.ts`): When `.forgen/state/forge-loop.json` has incomplete stories, Stop is blocked with persistence message. Circuit breakers: 2h stale threshold, 30 max blocks.
+- **Learning Dashboard** (`forgen dashboard`): New "Learning Curve" section showing correction trend (7d vs prev 7d), top correction axes, activity days, estimated time saved via compound injections.
+- **Session Summary with Counterfactual**: Session end message now includes "주입된 compound: N건 / 추정 절약 시간: Xh Ym (forgen 없었으면 시행착오 필요)".
+- **Plugin system**: `.forgen/skills/*.md` scan path added. Project-level custom skills supported.
+- **Stale agent cleanup**: `harness.ts` `installAgents` now removes `ch-*.md` files that don't exist in current source (with marker + hash verification for user-modification safety).
+
+### Changed
+
+- **All 10 skills upgraded** with `<Compound_Integration>`, `<Failure_Modes>`, `argument-hint`. Density dramatically improved despite fewer skills.
+- **All 12 agents upgraded** with `<Failure_Modes_To_Avoid>`, `<Examples>` (Good/Bad), `<Success_Criteria>`, and official frontmatter (`maxTurns`, `color`, `permissionMode`).
+- **deep-interview rewritten** using OMC research: weighted 4-dimension scoring, 3 challenge modes (Contrarian/Simplifier/Ontologist), ontology stability tracking, anti-sycophancy rules, one-question-at-a-time protocol.
+- **Cancel flow**: `cancelforgen` now also deletes `forge-loop.json` to release Stop hook block.
+- **Install is global-only**: `package.json` sets `preferGlobal: true` so non-global installs surface a warning (forgen is a CLI on PATH; local installs were unreachable).
+- **README**: Added "12 built-in agents" section grouped by tool access (read-only / plan-only / write-enabled) with the absorbed-agent mapping from the 19→12 consolidation.
+
+### Fixed
+
+- **Agent parser compat**: Moved `<!-- forgen-managed -->` marker below YAML frontmatter in all 12 `agents/*.md`. Claude Code's agent parser requires `---` on line 1; the prior position caused `Agent(subagent_type: "ch-*")` to fail with "not found" while the file stayed marked as managed.
+- **README install typo**: `npm install -g /forgen` → `npm install -g @wooojin/forgen` (missing scope).
+- **flaky e2e test**: `runHook` helper in `tests/e2e/chain-verification.test.ts` now requires the parsed stdout JSON to carry a `continue` field, preventing stray log lines from satisfying the parser and producing false `continue:false` matches. Verified stable across 3 consecutive full runs (1541/1541 each).
+
+### Documentation
+
+- `docs/weakness-analysis-2026-04-14.md` — Competitor analysis vs 7 harness tools
+- `docs/design-skills-agents-plugins.md` — Full design specification with implementation status
+- `docs/skill-scenarios.md` — 12 developer scenarios × skill usage matrix
+- `docs/positioning-and-selling.md` — Market positioning and Go-to-Market strategy
+
+## [0.2.1] - 2026-04-13
+
+### Added
+- **specify skill**: Structured requirement specification with Resolved/Provisional/Unresolved 3-level evaluation and readiness percentage
+- **deep-interview skill**: Deep requirement interview with Ambiguity Score (0-10) quantification across 5 axes (What/Who/How/When/Why)
+- **Agent output validation** (Tier 2-F): PostToolUse hook validates sub-agent output for empty/failed/timeout/context overflow
+- **BM25 ensemble scoring** (2-C): 3-way ensemble (TF-IDF 0.5 + BM25 0.3 + bigram 0.2) for solution matching
+- **Intent-based context injection** (2-B): implement/debug/refactor/review intents inject domain-specific rules
+- **Harness maturity diagnosis**: `forgen doctor` shows 5-axis L0-L3 maturity score with Quick Wins
+- **Session brief handoff**: Structured brief saved before compact, restored on next session start
+- **Output overflow prevention**: Solution injection footer includes head_limit guidance
+
+### Fixed
+- **Korean `\b` boundary**: Fixed 7 regex patterns where `\b` failed with Korean text (intent-classifier, keyword-detector)
+- **Revert→drift connection**: `isRevert` was always false (checked messages array instead of boolean flag)
+- **ALL_MODES missing specify**: `cancelforgen` didn't clear specify state
+- **MCP list TypeError**: Crashed on url-format servers without `args` field
+- **Agent empty string**: Empty string (`""`) was falsy, skipping validation
+- **Solution content regex**: `\Z` is not valid in JavaScript (literal Z), changed to `$`
+- **`severity: 'info' as 'warning'`**: Removed forced type assertion
+
+### Changed
+- **Rule renderer AI optimization** (2-A): `[category|strength]` tag prefix format, `include_pack_summary` defaults to false (token reduction)
+- **Recovery messages** (1-A): ENOENT suggests Glob search, EACCES suggests chmod
+- **skill-injector lock**: Session cache protected with `withFileLockSync` (race condition fix)
+- **incrementFailureCounter lock**: Context signals protected with `withFileLockSync`
+- Docker E2E expanded to 68 checks (Phase 8: Hoyeon analysis verification)
+
 ## [5.1.0] - 2026-04-06
 
 ### Fixed

package/README.ja.md

@@ -182,14 +182,63 @@ forgen
 
 ### Compound 知識
 
-知識はセッションを跨いで蓄積され、検索可能になります:
+知識はセッションを跨いで、信頼度ベースのライフサイクルで蓄積されます:
+
+```
+experiment (0.30) → candidate (0.55) → verified (0.75) → mature (0.90)
+```
+
+各ソリューションは `experiment` として始まります。セッションをまたいでコードに反映されるにつれ、自動的に昇格されます。ネガティブなエビデンスはサーキットブレーカーを発動させ（自動リタイア）、実際に機能するパターンだけが残ります。
 
 | 種類 | ソース | Claude の活用方法 |
 |------|--------|------------------|
-| **ソリューション** | セッションから抽出 | MCP 経由の `compound-search` |
-| **スキル** | 検証済みソリューションから昇格 | スラッシュコマンドとして自動ロード |
+| **ソリューション** | セッションから抽出 | プロンプトに関連するものを自動注入（TF-IDF + BM25 + bigram アンサンブル） |
+| **スキル** | 21個の組み込み + 検証済みソリューションから昇格 | キーワードで有効化（`specify`、`deep-interview`、`tdd` など） |
 | **行動パターン** | 3回以上の観察で自動検出 | `forge-behavioral.md` に適用 |
-| **エビデンス** | 修正 + 観察 | ファセット調整の根拠 |
+| **エビデンス** | 修正 + 観察 | ファセット調整 + ルール作成を促進 |
+
+### ソリューション自動注入
+
+入力したプロンプトはすべて、蓄積されたソリューションと照合されます。関連するものはClaudeのコンテキストに自動注入されます — 手動検索は不要です。
+
+```
+入力: "API のエラーハンドリングを修正して"
+                    ↓
+solution-injector がマッチ: starter-error-handling-patterns (0.70)
+                    ↓
+Claude が見るもの: "Matched solutions: error-handling-patterns [pattern|0.70]
+             Use try/catch with specific error types. Always log original error..."
+                    ↓
+Claude が蓄積されたパターンを参照して、より良いエラーハンドリングコードを書く。
+```
+
+### 21個の組み込みスキル
+
+プロンプトにキーワードを含めることで有効化:
+
+| スキル | トリガー | 機能 |
+|-------|---------|------|
+| `specify` | "specify", "명세" | 要件を Resolved/Provisional/Unresolved で整理、準備度 % 付き |
+| `deep-interview` | "deep-interview" | Ambiguity Score (0-10) 付きの深い要件インタビュー |
+| `code-review` | "code review 해줘" | 重大度評価付き20項目チェックリストレビュー |
+| `tdd` | "tdd 해줘" | Red-Green-Refactor テスト駆動開発 |
+| `debug-detective` | "debug-detective" | 再現 → 分離 → 修正 → 検証のループ |
+| `refactor` | "refactor 시작" | テストファーストの安全なリファクタリング |
+| `git-master` | "git-master" | アトミックコミット + クリーンな履歴管理 |
+| `security-review` | "security review" | OWASP Top 10 脆弱性チェック |
+| `ecomode` | "ecomode", "에코 모드" | トークン節約モード |
+| `migrate` | "migrate 해줘", "마이그레이션 시작" | 5フェーズの安全なマイグレーションワークフロー |
+| ... | | 残り11個（api-design, architecture-decision, ci-cd, database, docker, documentation, frontend, incident-response, performance, testing-strategy, compound） |
+
+### セッション管理
+
+| 機能 | 動作 |
+|------|------|
+| **セッションブリーフ** | コンテキスト圧縮前に構造化されたブリーフを保存し、次のセッションで復元 |
+| **ドリフト検出** | EWMA ベースの編集レート追跡 → 15編集で警告、30で危機的、50でハードストップ |
+| **エージェント出力検証** | Claude がサブエージェントを生成すると、その出力品質が自動検証される |
+| **自動コンパクト** | 累積12万文字でコンテキスト圧縮の指示 |
+| **ペンディング compound** | 20回以上のプロンプトセッション後、次のセッションで compound 抽出が自動トリガー |
 
 ---
 
@@ -337,6 +386,12 @@ forgen me                       # パーソナルダッシュボード（inspect
 ```bash
 forgen compound                 # 蓄積された知識をプレビュー
 forgen compound --save          # 自動分析されたパターンを保存
+forgen compound list            # ステータス付きで全ソリューションを一覧表示
+forgen compound inspect <名前>  # ソリューションの詳細を表示
+forgen compound --lifecycle     # 昇格/降格チェックを実行
+forgen compound --verify <名前> # 手動で verified に昇格
+forgen compound export          # 知識を tar.gz でエクスポート
+forgen compound import <パス>   # 知識アーカイブをインポート
 forgen skill promote <名前>     # 検証済みソリューションをスキルに昇格
 forgen skill list               # 昇格されたスキルの一覧
 ```
@@ -345,10 +400,14 @@ forgen skill list               # 昇格されたスキルの一覧
 
 ```bash
 forgen init                     # プロジェクトを初期化
-forgen doctor                   # システム診断
-forgen config hooks             # フック状態を確認
+forgen doctor                   # システム診断（10カテゴリ + ハーネス成熟度）
+forgen dashboard                # 知識概要（6セクション）
+forgen config hooks             # フック状態 + コンテキストバジェットを確認
 forgen config hooks --regenerate # フックを再生成
-forgen mcp                      # MCP サーバー管理
+forgen mcp list                 # インストール済み MCP サーバーを一覧
+forgen mcp add <名前>           # テンプレートから MCP サーバーを追加
+forgen mcp templates            # 利用可能なテンプレートを表示
+forgen notepad show             # セッションノートパッドを表示
 forgen uninstall                # forgen をきれいに削除
 ```
 
@@ -356,12 +415,14 @@ forgen uninstall                # forgen をきれいに削除
 
 | ツール | 目的 |
 |--------|------|
-| `compound-search` | クエリで蓄積された知識を検索 |
-| `compound-read` | ソリューション全文を読む |
-| `compound-list` | フィルタ付きソリューション一覧 |
-| `compound-stats` | 概要統計 |
+| `compound-search` | クエリで蓄積された知識を検索（TF-IDF + BM25 + bigram アンサンブル） |
+| `compound-read` | ソリューション全文を読む（Progressive Disclosure Tier 3） |
+| `compound-list` | ステータス/タイプ/スコープフィルタ付きソリューション一覧 |
+| `compound-stats` | ステータス・タイプ・スコープ別の概要統計 |
 | `session-search` | 過去のセッション会話を検索（SQLite FTS5、Node.js 22+） |
 | `correction-record` | ユーザー修正を構造化されたエビデンスとして記録 |
+| `profile-read` | 現在のパーソナライゼーションプロファイルを読む |
+| `rule-list` | カテゴリ別のアクティブなパーソナライゼーションルールを一覧 |
 
 ---
 
@@ -431,10 +492,12 @@ rule-renderer.ts                     Rule[] を自然言語に変換:
 | **pre-tool-use** | すべてのツール実行前 | `rm -rf`、`curl\|sh`、`--force` push、危険なパターンをブロック |
 | **db-guard** | SQL 操作 | `DROP TABLE`、`WHERE` なし `DELETE`、`TRUNCATE` をブロック |
 | **secret-filter** | ファイル書き込み、出力 | API キー、トークン、認証情報の露出時に警告 |
-| **slop-detector** | コード生成後 | TODO 残骸、`eslint-disable`、`as any`、`@ts-ignore` を検出 |
+| **slop-detector** | コード生成後 | TODO 残骸、`eslint-disable`、`as any`、`@ts-ignore`、空の catch を検出 |
 | **prompt-injection-filter** | すべての入力 | パターン + ヒューリスティックによるプロンプトインジェクションのブロック |
-| **context-guard** | セッション中 | コンテキストウィンドウの上限に近づいた時に警告 |
+| **context-guard** | セッション中 | 50プロンプト/20万文字で警告、12万文字で自動コンパクト、セッションハンドオフ |
 | **rate-limiter** | MCP ツール呼び出し | 過度な MCP ツール呼び出しを防止 |
+| **drift-detector** | ファイル編集 | EWMA ベースのドリフトスコア: 警告 → 危機的 → 50編集でハードストップ |
+| **agent-validator** | エージェントツール出力 | 空/失敗/切り捨てられたサブエージェント出力を警告 |
 
 安全ルールは**ハード制約**です -- パック選択や修正で上書きできません。レンダリングされたルールの「Must Not」セクションは、プロファイルに関係なく常に存在します。
 
@@ -460,7 +523,9 @@ rule-renderer.ts                     Rule[] を自然言語に変換:
 
 ## 共存
 
-forgen はインストール時に他の Claude Code プラグイン（oh-my-claudecode、superpowers、claude-mem）を検出し、重複するフックを無効化します。コアのセーフティフックと compound フックは常にアクティブを維持します。
+forgen はインストール時に他の Claude Code プラグイン（oh-my-claudecode、superpowers、claude-mem）を検出し、コンテキスト注入を自動的に50%削減します（「譲歩原則」）。コアのセーフティフックと compound フックは常にアクティブを維持します。他のプラグインがすでに提供しているスキルは競合を避けるためスキップされます。
+
+詳細は [共存ガイド](docs/guides/with-omc.md) を参照してください。
 
 ---
 

package/README.ko.md

@@ -182,14 +182,74 @@ forgen
 
 ### Compound 지식
 
-지식은 세션을 거치며 축적되고, 검색 가능해집니다:
+지식은 세션을 거치며 신뢰도 기반 라이프사이클로 축적됩니다:
+
+```
+experiment (0.30) → candidate (0.55) → verified (0.75) → mature (0.90)
+```
+
+각 솔루션은 `experiment`로 시작합니다. 세션을 거치며 코드에 반영될수록 자동 승격됩니다. 부정적 evidence는 서킷 브레이커를 작동시켜 자동 은퇴시킵니다. 실제로 당신에게 맞는 패턴만 살아남습니다.
 
 | 유형 | 출처 | Claude 활용 방법 |
 |------|------|-----------------|
-| **솔루션** | 세션에서 추출 | MCP를 통한 `compound-search` |
-| **스킬** | 검증된 솔루션에서 승격 | 슬래시 커맨드로 자동 로드 |
+| **솔루션** | 세션에서 추출 | 프롬프트와 관련 있을 때 자동 주입 (TF-IDF + BM25 + bigram 앙상블) |
+| **스킬** | 10개 내장 + 검증된 솔루션에서 승격 | 키워드로 활성화 (`deep-interview`, `forge-loop`, `ship` 등) |
 | **행동 패턴** | 3회 이상 관찰 시 자동 감지 | `forge-behavioral.md`에 적용 |
-| **Evidence** | 교정 + 관찰 | facet 조정의 근거 |
+| **Evidence** | 교정 + 관찰 | facet 조정 및 규칙 생성의 근거 |
+
+### Solution 자동 주입
+
+입력하는 모든 프롬프트가 축적된 솔루션과 매칭됩니다. 관련 솔루션은 Claude의 컨텍스트에 자동 주입됩니다 — 직접 찾아볼 필요가 없습니다.
+
+```
+입력: "API의 에러 핸들링을 고쳐줘"
+                    ↓
+solution-injector 매칭: starter-error-handling-patterns (0.70)
+                    ↓
+Claude에게 전달: "매칭된 솔루션: error-handling-patterns [pattern|0.70]
+             특정 에러 타입으로 try/catch 사용. 원본 에러는 반드시 로깅..."
+                    ↓
+Claude가 축적된 패턴을 바탕으로 더 나은 에러 핸들링 코드를 작성합니다.
+```
+
+### 10개 내장 스킬
+
+엄선된 compound-native 스킬. 모든 스킬이 축적된 지식과 연동 — 쓸수록 정확해집니다.
+
+**핵심 체인** (빌드 → 학습):
+
+| 스킬 | 트리거 | 기능 |
+|------|--------|------|
+| `deep-interview` | "deep-interview", "딥인터뷰" | 가중 4차원 ambiguity 점수, 3개 챌린지 모드 (Contrarian/Simplifier/Ontologist), 온톨로지 추적 |
+| `forge-loop` | "forge-loop", "끝까지" | PRD 기반 반복 루프. Stop 훅이 polite-stop 방지. Verifier가 fresh evidence 강제 |
+| `compound` | "복리화", "compound" | 5-Question 품질 필터로 패턴 추출. Health dashboard 포함 |
+
+**관리 체인** (리뷰 → 튜닝):
+
+| 스킬 | 트리거 | 기능 |
+|------|--------|------|
+| `retro` | "retro", "회고" | 주간 회고: git 분석 + compound 건강도 + 학습 추세 + 3가지 추천 |
+| `learn` | "learn prune", "compound 정리" | 5개 서브커맨드: search/stats/prune/export/import. Stale & 중복 자동 감지 |
+| `calibrate` | "calibrate", "프로필 보정" | Evidence 기반 프로필 조정. 한 번에 최대 2개 축. 임계값: 같은 방향 3건+ |
+
+**독립 스킬**:
+
+| 스킬 | 트리거 | 기능 |
+|------|--------|------|
+| `ship` | "ship", "배포" | 15단계 파이프라인. "Never ask, just do" 철학. Review Readiness Dashboard + Verification Gate |
+| `code-review` | "code review", "리뷰" | 신뢰도 1-10 보정, Critical 5개 카테고리 (SQL/race/LLM trust/secrets/enum), auto-fix |
+| `architecture-decision` | "adr" | 가중 트레이드오프 매트릭스, ADR 라이프사이클, 가역성 분류 |
+| `docker` | "docker", "컨테이너" | 멀티스테이지 빌드, 보안 강화, 10개 failure modes |
+
+### 세션 관리
+
+| 기능 | 동작 |
+|------|------|
+| **세션 브리프** | 컨텍스트 압축 전 구조화된 브리프 저장 → 다음 세션에서 복원 |
+| **drift 감지** | EWMA 기반 편집 속도 추적 → 15회 편집 시 경고, 30회 위험, 50회 강제 정지 |
+| **에이전트 출력 검증** | Claude가 서브 에이전트를 실행할 때 출력 품질 자동 검증 |
+| **자동 압축** | 누적 12만 자 초과 시 Claude에게 컨텍스트 압축 지시 |
+| **pending compound** | 20회 이상 프롬프트 세션 후 다음 세션에서 compound 추출 자동 트리거 |
 
 ---
 
@@ -337,6 +397,12 @@ forgen me                       # 개인 대시보드 (inspect profile 단축키
 ```bash
 forgen compound                 # 축적된 지식 미리보기
 forgen compound --save          # 자동 분석된 패턴 저장
+forgen compound list            # 상태가 포함된 솔루션 전체 목록
+forgen compound inspect <이름>  # 솔루션 전체 내용 확인
+forgen compound --lifecycle     # 승격/강등 검사 실행
+forgen compound --verify <이름> # 수동으로 verified 승격
+forgen compound export          # 지식을 tar.gz로 내보내기
+forgen compound import <경로>   # 지식 아카이브 가져오기
 forgen skill promote <이름>     # 검증된 솔루션을 스킬로 승격
 forgen skill list               # 승격된 스킬 목록
 ```
@@ -345,10 +411,14 @@ forgen skill list               # 승격된 스킬 목록
 
 ```bash
 forgen init                     # 프로젝트 초기화
-forgen doctor                   # 시스템 진단
-forgen config hooks             # 훅 상태 확인
+forgen doctor                   # 시스템 진단 (10개 항목 + 하네스 성숙도)
+forgen dashboard                # 지식 현황 대시보드 (6개 섹션)
+forgen config hooks             # 훅 상태 + 컨텍스트 예산 확인
 forgen config hooks --regenerate # 훅 재생성
-forgen mcp                      # MCP 서버 관리
+forgen mcp list                 # 설치된 MCP 서버 목록
+forgen mcp add <이름>           # 템플릿에서 MCP 서버 추가
+forgen mcp templates            # 사용 가능한 템플릿 목록
+forgen notepad show             # 세션 노트패드 보기
 forgen uninstall                # forgen 깔끔하게 제거
 ```
 
@@ -356,12 +426,14 @@ forgen uninstall                # forgen 깔끔하게 제거
 
 | 도구 | 용도 |
 |------|------|
-| `compound-search` | 축적된 지식을 쿼리로 검색 |
-| `compound-read` | 솔루션 전문 읽기 |
-| `compound-list` | 필터가 있는 솔루션 목록 |
-| `compound-stats` | 통계 요약 |
+| `compound-search` | 축적된 지식을 쿼리로 검색 (TF-IDF + BM25 + bigram 앙상블) |
+| `compound-read` | 솔루션 전문 읽기 (Progressive Disclosure Tier 3) |
+| `compound-list` | 상태/유형/범위 필터가 있는 솔루션 목록 |
+| `compound-stats` | 상태, 유형, 범위별 통계 현황 |
 | `session-search` | 이전 세션 대화 검색 (SQLite FTS5, Node.js 22+) |
 | `correction-record` | 사용자 교정을 구조화된 evidence로 기록 |
+| `profile-read` | 현재 개인화 프로필 읽기 |
+| `rule-list` | 카테고리별 활성 개인화 규칙 목록 |
 
 ---
 
@@ -431,10 +503,12 @@ rule-renderer.ts                     Rule[]을 자연어로 변환:
 | **pre-tool-use** | 모든 도구 실행 전 | `rm -rf`, `curl\|sh`, `--force` push, 위험 패턴 차단 |
 | **db-guard** | SQL 연산 | `DROP TABLE`, `WHERE` 없는 `DELETE`, `TRUNCATE` 차단 |
 | **secret-filter** | 파일 쓰기, 출력 | API 키, 토큰, 자격 증명 노출 시 경고 |
-| **slop-detector** | 코드 생성 후 | TODO 잔재, `eslint-disable`, `as any`, `@ts-ignore` 감지 |
+| **slop-detector** | 코드 생성 후 | TODO 잔재, `eslint-disable`, `as any`, `@ts-ignore`, 빈 catch 감지 |
 | **prompt-injection-filter** | 모든 입력 | 패턴 + 휴리스틱 기반 프롬프트 인젝션 차단 |
-| **context-guard** | 세션 중 | 컨텍스트 윈도우 한계 접근 시 경고 |
+| **context-guard** | 세션 중 | 50 프롬프트/20만 자 시 경고, 12만 자 자동 압축, 세션 인계 |
 | **rate-limiter** | MCP 도구 호출 | 과도한 MCP 도구 호출 방지 |
+| **drift-detector** | 파일 편집 | EWMA 기반 drift 점수: 경고 → 위험 → 50회 편집 시 강제 정지 |
+| **agent-validator** | 에이전트 도구 출력 | 서브 에이전트 출력이 비어있거나 실패/잘린 경우 경고 |
 
 안전 규칙은 **hard constraint**입니다 -- 팩 선택이나 교정으로 재정의할 수 없습니다. 렌더링된 규칙의 "Must Not" 섹션은 프로필과 무관하게 항상 존재합니다.
 
@@ -460,7 +534,19 @@ rule-renderer.ts                     Rule[]을 자연어로 변환:
 
 ## 공존
 
-forgen는 설치 시 다른 Claude Code 플러그인(oh-my-claudecode, superpowers, claude-mem)을 감지하고 겹치는 훅을 비활성화합니다. 핵심 안전 훅과 compound 훅은 항상 활성 상태를 유지합니다.
+forgen는 설치 시 다른 Claude Code 플러그인(oh-my-claudecode, superpowers, claude-mem)을 감지하고 컨텍스트 주입을 50% 자동 축소합니다 (양보 원칙). 핵심 안전 훅과 compound 훅은 항상 활성 상태를 유지합니다. 다른 플러그인이 이미 제공하는 스킬은 충돌을 피하기 위해 건너뜁니다.
+
+자세한 내용은 [공존 가이드](docs/guides/with-omc.md)를 참고하세요.
+
+---
+
+## 문서
+
+| 문서 | 설명 |
+|------|------|
+| [훅 레퍼런스](docs/reference/hooks-reference.md) | 3개 계층의 19개 훅 — 이벤트, 타임아웃, 동작 |
+| [공존 가이드](docs/guides/with-omc.md) | oh-my-claudecode와 forgen 함께 사용하기 |
+| [CHANGELOG](CHANGELOG.md) | 버전 히스토리 및 릴리즈 노트 |
 
 ---
 

package/README.md

@@ -57,7 +57,7 @@ Forgen makes this happen. It profiles your work style, learns from your correcti
 ### First run (one time, ~1 minute)
 
 ```bash
-npm install -g /forgen
+npm install -g @wooojin/forgen
 forgen
 ```
 
@@ -116,8 +116,8 @@ Updated rules are rendered with your corrections included. Compound knowledge is
 ## Quick Start
 
 ```bash
-# 1. Install
-npm install -g /forgen
+# 1. Install (MUST use -g — forgen is a global CLI)
+npm install -g @wooojin/forgen
 
 # 2. First run — 4-question onboarding (English or Korean)
 forgen
@@ -182,14 +182,107 @@ forgen
 
 ### Compound knowledge
 
-Knowledge accumulates across sessions and becomes searchable:
+Knowledge accumulates across sessions with a trust-based lifecycle:
+
+```
+experiment (0.30) → candidate (0.55) → verified (0.75) → mature (0.90)
+```
+
+Each solution starts as an `experiment`. As it gets reflected in your code across sessions, it's automatically promoted. Negative evidence triggers a circuit breaker (auto-retire). This means only patterns that actually work for you survive.
 
 | Type | Source | How Claude uses it |
 |------|--------|--------------------|
-| **Solutions** | Extracted from sessions | `compound-search` via MCP |
-| **Skills** | Promoted from verified solutions | Auto-loaded as slash commands |
+| **Solutions** | Extracted from sessions | Auto-injected when relevant to your prompt (TF-IDF + BM25 + bigram ensemble) |
+| **Skills** | 10 built-in + promoted from verified solutions | Activated by keyword (`deep-interview`, `forge-loop`, `ship`, etc.) |
 | **Behavioral patterns** | Auto-detected at 3+ observations | Applied to `forge-behavioral.md` |
-| **Evidence** | Corrections + observations | Drives facet adjustments |
+| **Evidence** | Corrections + observations | Drives facet adjustments + rule creation |
+
+### Solution auto-injection
+
+Every prompt you type is matched against your accumulated solutions. Relevant ones are automatically injected into Claude's context — no manual lookup needed.
+
+```
+You type: "fix the error handling in the API"
+                    ↓
+solution-injector matches: starter-error-handling-patterns (0.70)
+                    ↓
+Claude sees: "Matched solutions: error-handling-patterns [pattern|0.70]
+             Use try/catch with specific error types. Always log original error..."
+                    ↓
+Claude writes better error handling code, informed by your accumulated patterns.
+```
+
+### 10 built-in skills
+
+Curated, compound-native skills. Each one integrates with accumulated knowledge — they get better every session.
+
+**Core chain** (build → learn):
+
+| Skill | Trigger | What it does |
+|-------|---------|-------------|
+| `deep-interview` | "deep-interview", "딥인터뷰" | Weighted 4-dimension ambiguity scoring, 3 challenge modes (Contrarian/Simplifier/Ontologist), ontology tracking |
+| `forge-loop` | "forge-loop", "끝까지" | PRD-based iteration loop. Stop hook prevents polite-stop. Verifier enforcement with fresh evidence |
+| `compound` | "복리화", "compound" | Extract reusable patterns with 5-Question quality filter. Health dashboard included |
+
+**Management chain** (review → tune):
+
+| Skill | Trigger | What it does |
+|-------|---------|-------------|
+| `retro` | "retro", "회고" | Weekly retrospective: git analysis + compound health + learning trend + 3 recommendations |
+| `learn` | "learn prune", "compound 정리" | 5 subcommands: search/stats/prune/export/import. Stale & duplicate detection |
+| `calibrate` | "calibrate", "프로필 보정" | Evidence-based profile adjustment. Max 2 axes per calibration. Threshold: 3+ corrections in same direction |
+
+**Independent skills**:
+
+| Skill | Trigger | What it does |
+|-------|---------|-------------|
+| `ship` | "ship", "배포" | 15-step pipeline. "Never ask, just do" philosophy. Review Readiness Dashboard + Verification Gate |
+| `code-review` | "code review", "리뷰" | Confidence 1-10 calibration, Critical 5 categories (SQL/race/LLM trust/secrets/enum), auto-fix |
+| `architecture-decision` | "adr" | Weighted trade-off matrix, ADR lifecycle, reversibility classification |
+| `docker` | "docker", "컨테이너" | Multi-stage builds, security hardening, 10 failure modes
+
+### 12 built-in agents
+
+Sub-agents with physically separated tool access, `Failure_Modes_To_Avoid` sections, and Good/Bad examples. Invoked via `Agent(subagent_type: "ch-<name>")`. The `ch-` prefix avoids collisions with OMC / built-in Claude Code agents.
+
+**Read-only (investigation / review):**
+
+| Agent | Model | Role |
+|-------|:-----:|------|
+| `ch-explore` | Haiku | Fast codebase explorer — file/pattern search, structure mapping |
+| `ch-analyst` | Opus | Requirements analyst — uncovers hidden constraints via Socratic inquiry |
+| `ch-architect` | Opus | Strategic architecture advisor |
+| `ch-code-reviewer` | Opus | Unified reviewer — quality + security (OWASP) + performance (absorbs former `security-reviewer` / `performance-reviewer`) |
+| `ch-critic` | Opus | Final quality gate — plan/code verifier |
+
+**Plan-only:**
+
+| Agent | Model | Role |
+|-------|:-----:|------|
+| `ch-planner` | Opus | Strategic planning — decomposes tasks, identifies risks, creates actionable plans |
+
+**Write-enabled (implementation / verification):**
+
+| Agent | Model | Role |
+|-------|:-----:|------|
+| `ch-executor` | Sonnet | Code implementation — compound-aware, absorbs refactoring & simplification |
+| `ch-debugger` | Sonnet | Root-cause debugger — isolates regressions, analyzes stack traces |
+| `ch-test-engineer` | Sonnet | Test strategist — integration/E2E coverage, TDD, flaky-test hardening |
+| `ch-designer` | Sonnet | UI/UX — component architecture, accessibility, responsive design |
+| `ch-git-master` | Sonnet | Git workflows — atomic commits, rebasing, history management (Bash limited to git) |
+| `ch-verifier` | Sonnet | Completion verifier — evidence collection, test adequacy, manual test scenarios (compound-aware) |
+
+> Absorbed in this redesign: `security-reviewer` / `performance-reviewer` → `ch-code-reviewer`, `refactoring-expert` / `code-simplifier` → `ch-executor`, `qa-tester` → `ch-verifier`, `scientist` / `writer` removed.
+
+### Session management
+
+| Feature | What happens |
+|---------|-------------|
+| **Session brief** | Before context compaction, a structured brief is saved and restored in the next session |
+| **Drift detection** | EWMA-based edit rate tracking → warning at 15 edits, critical at 30, hard stop at 50 |
+| **Agent output validation** | When Claude spawns sub-agents, their output quality is automatically verified |
+| **Auto-compact** | At 120K chars accumulated, Claude is instructed to compact context |
+| **Pending compound** | After 20+ prompt sessions, a compound extraction is auto-triggered next session |
 
 ---
 
@@ -337,6 +430,12 @@ forgen me                       # Personal dashboard (shortcut for inspect profi
 ```bash
 forgen compound                 # Preview accumulated knowledge
 forgen compound --save          # Save auto-analyzed patterns
+forgen compound list            # List all solutions with status
+forgen compound inspect <name>  # Show full solution details
+forgen compound --lifecycle     # Run promotion/demotion check
+forgen compound --verify <name> # Manually promote to verified
+forgen compound export          # Export knowledge as tar.gz
+forgen compound import <path>   # Import knowledge archive
 forgen skill promote <name>     # Promote a verified solution to a skill
 forgen skill list               # List promoted skills
 ```
@@ -345,10 +444,14 @@ forgen skill list               # List promoted skills
 
 ```bash
 forgen init                     # Initialize project
-forgen doctor                   # System diagnostics
-forgen config hooks             # View hook status
+forgen doctor                   # System diagnostics (10 categories + harness maturity)
+forgen dashboard                # Knowledge overview (6 sections)
+forgen config hooks             # View hook status + context budget
 forgen config hooks --regenerate # Regenerate hooks
-forgen mcp                      # MCP server management
+forgen mcp list                 # List installed MCP servers
+forgen mcp add <name>           # Add MCP server from template
+forgen mcp templates            # Show available templates
+forgen notepad show             # View session notepad
 forgen uninstall                # Remove forgen cleanly
 ```
 
@@ -356,12 +459,14 @@ forgen uninstall                # Remove forgen cleanly
 
 | Tool | Purpose |
 |------|---------|
-| `compound-search` | Search accumulated knowledge by query |
-| `compound-read` | Read full solution content |
-| `compound-list` | List solutions with filters |
-| `compound-stats` | Overview statistics |
+| `compound-search` | Search accumulated knowledge by query (TF-IDF + BM25 + bigram ensemble) |
+| `compound-read` | Read full solution content (Progressive Disclosure Tier 3) |
+| `compound-list` | List solutions with status/type/scope filters |
+| `compound-stats` | Overview statistics by status, type, scope |
 | `session-search` | Search past session conversations (SQLite FTS5, Node.js 22+) |
 | `correction-record` | Record user corrections as structured evidence |
+| `profile-read` | Read current personalization profile |
+| `rule-list` | List active personalization rules by category |
 
 ---
 
@@ -433,10 +538,12 @@ Safety hooks are automatically registered in `settings.json` and run on every to
 | **pre-tool-use** | Before any tool execution | Blocks `rm -rf`, `curl\|sh`, `--force` push, dangerous patterns |
 | **db-guard** | SQL operations | Blocks `DROP TABLE`, `WHERE`-less `DELETE`, `TRUNCATE` |
 | **secret-filter** | File writes and outputs | Warns when API keys, tokens, or credentials are about to be exposed |
-| **slop-detector** | After code generation | Detects TODO remnants, `eslint-disable`, `as any`, `@ts-ignore` |
+| **slop-detector** | After code generation | Detects TODO remnants, `eslint-disable`, `as any`, `@ts-ignore`, empty catch |
 | **prompt-injection-filter** | All inputs | Blocks prompt injection attempts with pattern + heuristic detection |
-| **context-guard** | During session | Warns when approaching context window limit |
+| **context-guard** | During session | Warns at 50 prompts/200K chars, auto-compact at 120K, session handoff |
 | **rate-limiter** | MCP tool calls | Prevents excessive MCP tool invocations |
+| **drift-detector** | File edits | EWMA-based drift score: warning → critical → hard stop at 50 edits |
+| **agent-validator** | Agent tool output | Warns on empty/failed/truncated sub-agent output |
 
 Safety rules are **hard constraints** -- they cannot be overridden by pack selection or corrections. The "Must Not" section in rendered rules is always present regardless of profile.
 
@@ -462,7 +569,7 @@ Safety rules are **hard constraints** -- they cannot be overridden by pack selec
 
 ## Coexistence
 
-Forgen detects other Claude Code plugins (oh-my-claudecode, superpowers, claude-mem) at install time and disables overlapping hooks. Core safety and compound hooks always remain active.
+Forgen detects other Claude Code plugins (oh-my-claudecode, superpowers, claude-mem) at install time and automatically reduces its context injection by 50% ("yielding principle"). Core safety and compound hooks always remain active. Conflicting skills are skipped when another plugin already provides them.
 
 See [Coexistence Guide](docs/guides/with-omc.md) for details.