agent-control-plane 0.1.9 → 0.1.13

package/tools/templates/issue-prompt-template.md

@@ -12,67 +12,31 @@ Implement issue #{ISSUE_ID} in `{REPO_SLUG}`.
 {ISSUE_RECURRING_CONTEXT}
 {ISSUE_BLOCKER_CONTEXT}
 
-# MANDATORY WORKFLOW (follow in order, no skipping)
+# Required Contract
 
-You MUST complete ALL 5 phases in order. Do not skip any phase. Do not commit until Phase 4 passes.
+Follow this order:
 
-## Phase 1: READ & SCOPE
+1. Read `AGENTS.md`, choose one narrow target, and stay within that slice.
+2. If the issue is broader than one safe slice, stop and create follow-up issues instead of forcing a large patch:
+   ```bash
+   bash "$ACP_FLOW_TOOLS_DIR/create-follow-up-issue.sh" --parent {ISSUE_ID} --title "..." --body-file /tmp/follow-up.md
+   ```
+3. Implement the smallest root-cause fix in this worktree only.
+4. Run the narrowest relevant local verification for the files you changed, and record every successful command with `record-verification.sh`.
 
-- Read the repo instructions: `AGENTS.md`, relevant spec or design docs, and any repo conventions tied to this issue.
-- Identify the single primary product surface you will touch.
-- If the issue spans multiple surfaces, pick ONE and create follow-up issues for the rest using:
-  ```bash
-  bash "$ACP_FLOW_TOOLS_DIR/create-follow-up-issue.sh" --parent {ISSUE_ID} --title "..." --body-file /tmp/follow-up.md
-  ```
-- Treat a broad umbrella issue as a coordination brief rather than permission to ship every slice in one PR.
-- Write down your scope decision before coding.
-
-## Phase 2: IMPLEMENT
-
-- Make the smallest root-cause fix that satisfies the issue.
-- Work only inside the dedicated worktree.
-- Add or update tests when feasible.
-- STOP after implementation. Do not commit yet.
-
-## Phase 3: VERIFY (MANDATORY)
-
-After implementing, you MUST run verification commands and record each one.
-Every successful command must be recorded or the host publish will fail.
-After each successful verification command, record it with `record-verification.sh`.
+- Do not default to repo-wide verification such as `pnpm test` unless the issue body explicitly requires it.
+- If unrelated repo-wide suites are already red, keep the cycle focused on targeted verification for your slice and let the host verification guard decide whether publication is safe.
 
 ```bash
 {ISSUE_VERIFICATION_COMMAND_SNIPPET}
 ```
 
-Required verification coverage:
-- Run the narrowest repo-supported `typecheck`, `build`, `test`, or `lint` command that proves the touched surface is safe.
-- If you changed tests only, run the most relevant targeted test command and record it.
-- If you changed localization resources or user-facing copy, run repo locale validation or hardcoded-copy scans if the repo provides them.
-- If a verification command fails, fix the issue and rerun until it passes.
-
-CRITICAL: `verification.jsonl` must exist in `$ACP_RUN_DIR` with at least one `pass` entry before you can write `OUTCOME=implemented`.
-
-## Phase 4: SELF-REVIEW (MANDATORY)
-
-Before committing, perform this checklist:
-
-- [ ] Run `git diff --check`.
-- [ ] Count non-test product files: if the change is broad, stop and split scope instead of publishing one large PR.
-- [ ] If you touched auth, login, session, or reset flows, verify existing users and legacy data still behave correctly.
-- [ ] If you touched public endpoints, public routes, or operator workflows, search downstream consumers in `scripts/`, `docs/`, and specs.
-- [ ] If you changed localization resources or user-facing copy, confirm localization coverage and scanning are still valid.
-- [ ] If you touched mobile routes or screens, keep route scope narrow and verify loading, empty, and error states.
-
-Before committing, verify the journal exists:
-```bash
-test -s "$ACP_RUN_DIR/verification.jsonl" && echo "OK: verification.jsonl exists" || echo "BLOCKED: missing verification.jsonl"
-```
-
-## Phase 5: COMMIT & REPORT
-
-- Commit with a conventional commit message.
-- Do NOT push or open a PR; the host handles that.
-- Write `$ACP_RESULT_FILE`:
+5. Before committing, run at least:
+   ```bash
+   git diff --check
+   test -s "$ACP_RUN_DIR/verification.jsonl" && echo "OK: verification.jsonl exists" || echo "BLOCKED: missing verification.jsonl"
+   ```
+6. If verification passes, commit locally and write `$ACP_RESULT_FILE`:
   ```bash
   cat > "$ACP_RESULT_FILE" <<'OUTER_EOF'
   OUTCOME=implemented
@@ -80,16 +44,7 @@ test -s "$ACP_RUN_DIR/verification.jsonl" && echo "OK: verification.jsonl exists
   ISSUE_ID={ISSUE_ID}
   OUTER_EOF
   ```
-- In your final output, include the changed files, verification commands actually run, and one short self-review note naming the main regression risk you checked.
-
-# STOP CONDITIONS
-
-Stop and report blocked if:
-- The issue is ambiguous, blocked by missing credentials, or expands into high-risk scope.
-- You cannot complete verification successfully.
-- The issue needs full decomposition into focused follow-up issues.
-
-If stopped blocked, write `$ACP_RUN_DIR/issue-comment.md` with a blocker summary, then:
+7. If blocked, write `$ACP_RUN_DIR/issue-comment.md` and then write:
 ```bash
 cat > "$ACP_RESULT_FILE" <<'OUTER_EOF'
 OUTCOME=blocked
@@ -98,7 +53,7 @@ ISSUE_ID={ISSUE_ID}
 OUTER_EOF
 ```
 
-If fully decomposed into follow-up issues, start the first line of `issue-comment.md` with exactly:
+If you fully decompose the work, the first line of `issue-comment.md` must be:
 `Superseded by focused follow-up issues: #...`
 
 # Git Rules
@@ -106,4 +61,4 @@ If fully decomposed into follow-up issues, start the first line of `issue-commen
 - Do NOT push the branch from inside the worker.
 - Do NOT open a PR from inside the worker.
 - Do NOT comment on the source issue with a PR URL from inside the worker.
-- Exit successfully after writing the result file.
+- Exit after writing the result file.

package/tools/templates/legacy/issue-prompt-template-pre-slim.md

@@ -0,0 +1,109 @@
+# Task
+
+Implement issue #{ISSUE_ID} in `{REPO_SLUG}`.
+
+# Issue Context
+
+- Title: {ISSUE_TITLE}
+- URL: {ISSUE_URL}
+- Auto-merge requested: {ISSUE_AUTOMERGE}
+
+{ISSUE_BODY}
+{ISSUE_RECURRING_CONTEXT}
+{ISSUE_BLOCKER_CONTEXT}
+
+# MANDATORY WORKFLOW (follow in order, no skipping)
+
+You MUST complete ALL 5 phases in order. Do not skip any phase. Do not commit until Phase 4 passes.
+
+## Phase 1: READ & SCOPE
+
+- Read the repo instructions: `AGENTS.md`, relevant spec or design docs, and any repo conventions tied to this issue.
+- Identify the single primary product surface you will touch.
+- If the issue spans multiple surfaces, pick ONE and create follow-up issues for the rest using:
+  ```bash
+  bash "$ACP_FLOW_TOOLS_DIR/create-follow-up-issue.sh" --parent {ISSUE_ID} --title "..." --body-file /tmp/follow-up.md
+  ```
+- Treat a broad umbrella issue as a coordination brief rather than permission to ship every slice in one PR.
+- Write down your scope decision before coding.
+
+## Phase 2: IMPLEMENT
+
+- Make the smallest root-cause fix that satisfies the issue.
+- Work only inside the dedicated worktree.
+- Add or update tests when feasible.
+- STOP after implementation. Do not commit yet.
+
+## Phase 3: VERIFY (MANDATORY)
+
+After implementing, you MUST run verification commands and record each one.
+Every successful command must be recorded or the host publish will fail.
+After each successful verification command, record it with `record-verification.sh`.
+
+```bash
+{ISSUE_VERIFICATION_COMMAND_SNIPPET}
+```
+
+Required verification coverage:
+- Run the narrowest repo-supported `typecheck`, `build`, `test`, or `lint` command that proves the touched surface is safe.
+- If you changed tests only, run the most relevant targeted test command and record it.
+- If you changed localization resources or user-facing copy, run repo locale validation or hardcoded-copy scans if the repo provides them.
+- If a verification command fails, fix the issue and rerun until it passes.
+
+CRITICAL: `verification.jsonl` must exist in `$ACP_RUN_DIR` with at least one `pass` entry before you can write `OUTCOME=implemented`.
+
+## Phase 4: SELF-REVIEW (MANDATORY)
+
+Before committing, perform this checklist:
+
+- [ ] Run `git diff --check`.
+- [ ] Count non-test product files: if the change is broad, stop and split scope instead of publishing one large PR.
+- [ ] If you touched auth, login, session, or reset flows, verify existing users and legacy data still behave correctly.
+- [ ] If you touched public endpoints, public routes, or operator workflows, search downstream consumers in `scripts/`, `docs/`, and specs.
+- [ ] If you changed localization resources or user-facing copy, confirm localization coverage and scanning are still valid.
+- [ ] If you touched mobile routes or screens, keep route scope narrow and verify loading, empty, and error states.
+
+Before committing, verify the journal exists:
+```bash
+test -s "$ACP_RUN_DIR/verification.jsonl" && echo "OK: verification.jsonl exists" || echo "BLOCKED: missing verification.jsonl"
+```
+
+## Phase 5: COMMIT & REPORT
+
+- Commit with a conventional commit message.
+- Do NOT push or open a PR; the host handles that.
+- Write `$ACP_RESULT_FILE`:
+  ```bash
+  cat > "$ACP_RESULT_FILE" <<'OUTER_EOF'
+  OUTCOME=implemented
+  ACTION=host-publish-issue-pr
+  ISSUE_ID={ISSUE_ID}
+  OUTER_EOF
+  ```
+- In your final output, include the changed files, verification commands actually run, and one short self-review note naming the main regression risk you checked.
+
+# STOP CONDITIONS
+
+Stop and report blocked if:
+- The issue is ambiguous, blocked by missing credentials, or expands into high-risk scope.
+- You cannot complete verification successfully.
+- The issue needs full decomposition into focused follow-up issues.
+
+If stopped blocked, write `$ACP_RUN_DIR/issue-comment.md` with a blocker summary, then:
+```bash
+cat > "$ACP_RESULT_FILE" <<'OUTER_EOF'
+OUTCOME=blocked
+ACTION=host-comment-blocker
+ISSUE_ID={ISSUE_ID}
+OUTER_EOF
+```
+
+If fully decomposed into follow-up issues, start the first line of `issue-comment.md` with exactly:
+`Superseded by focused follow-up issues: #...`
+
+# Git Rules
+
+- Do NOT push the branch from inside the worker.
+- Do NOT open a PR from inside the worker.
+- Do NOT comment on the source issue with a PR URL from inside the worker.
+- Exit successfully after writing the result file.

package/bin/audit-issue-routing.sh

@@ -1,74 +0,0 @@
-#!/usr/bin/env bash
-set -euo pipefail
-
-SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
-# shellcheck source=/dev/null
-source "${SCRIPT_DIR}/../tools/bin/flow-config-lib.sh"
-
-CONFIG_YAML="$(resolve_flow_config_yaml "${BASH_SOURCE[0]}")"
-REPO_SLUG="$(flow_resolve_repo_slug "${CONFIG_YAML}")"
-AGENT_PR_PREFIXES_JSON="$(flow_managed_pr_prefixes_json "${CONFIG_YAML}")"
-AGENT_PR_ISSUE_CAPTURE_REGEX="$(flow_managed_issue_branch_regex "${CONFIG_YAML}")"
-MIN_AGE_MINUTES="${1:-30}"
-
-open_agent_pr_issue_ids="$(
-  gh pr list -R "$REPO_SLUG" --state open --limit 100 --json headRefName,body,labels,comments \
-    | jq --argjson agentPrPrefixes "${AGENT_PR_PREFIXES_JSON}" --arg branchIssueRegex "${AGENT_PR_ISSUE_CAPTURE_REGEX}" '
-        map(
-          . as $pr
-          | select(
-              any($agentPrPrefixes[]; (($pr.headRefName // "") | startswith(.)))
-              or any(($pr.labels // [])[]?; .name == "agent-handoff")
-              or any(($pr.comments // [])[]?; ((.body // "") | test("^## PR (final review blocker|repair worker summary|repair summary|repair update)"; "i")))
-            )
-          | [
-              (
-                $pr.headRefName
-                | capture($branchIssueRegex)?
-                | .id
-              ),
-              (
-                ($pr.body // "")
-                | capture("(?i)\\b(?:close[sd]?|fix(?:e[sd])?|resolve[sd]?)\\s+#(?<id>[0-9]+)\\b")?
-                | .id
-              )
-            ]
-          | .[]
-          | select(. != null and . != "")
-        )
-        | unique
-      '
-)"
-
-gh issue list -R "$REPO_SLUG" --state open --limit 100 --json number,title,createdAt,updatedAt,labels \
-  | jq -r --argjson openAgentPrIssueIds "$open_agent_pr_issue_ids" --argjson minAgeMinutes "$MIN_AGE_MINUTES" '
-      def label_names: [.labels[]?.name];
-      def age_minutes:
-        ((now - ((.createdAt | sub("\\.[0-9]+Z$"; "Z") | fromdateiso8601))) / 60);
-      def has_open_agent_pr:
-        ((.number | tostring) as $issueId | ($openAgentPrIssueIds | index($issueId)) != null);
-      map(
-        . + {
-          reason:
-            (if any(label_names[]?; . == "agent-running") and (has_open_agent_pr | not) then
-              "stale-agent-running"
-            elif any(label_names[]?; . == "agent-blocked") then
-              "blocked-manual-review"
-            else
-              ""
-            end)
-        }
-      )
-      | map(select(.reason != "" and (age_minutes >= $minAgeMinutes)))
-      | sort_by(.createdAt, .number)
-      | .[]
-      | [
-          (.number | tostring),
-          .reason,
-          .createdAt,
-          .updatedAt,
-          (label_names | join(",")),
-          .title
-        ]
-      | @tsv
-    '

package/tools/bin/audit-agent-worktrees.sh

@@ -1,310 +0,0 @@
-#!/usr/bin/env bash
-set -euo pipefail
-
-SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
-# shellcheck source=/dev/null
-source "${SCRIPT_DIR}/flow-config-lib.sh"
-
-WORKER_STATUS_TOOL="${BASH_SOURCE[0]%/*}/agent-project-worker-status"
-WORKTREE_CLEANUP_TOOL="${BASH_SOURCE[0]%/*}/agent-cleanup-worktree"
-CONFIG_YAML="$(resolve_flow_config_yaml "${BASH_SOURCE[0]}")"
-AGENT_REPO_ROOT="$(flow_resolve_agent_repo_root "${CONFIG_YAML}")"
-WORKTREE_ROOT="$(flow_resolve_worktree_root "${CONFIG_YAML}")"
-AGENT_ROOT="$(flow_resolve_agent_root "${CONFIG_YAML}")"
-RUNS_ROOT="$(flow_resolve_runs_root "${CONFIG_YAML}")"
-PENDING_LAUNCH_DIR="${ACP_PENDING_LAUNCH_DIR:-${F_LOSNING_PENDING_LAUNCH_DIR:-$(flow_resolve_state_root "${CONFIG_YAML}")/pending-launches}}"
-ISSUE_SESSION_PREFIX="$(flow_resolve_issue_session_prefix "${CONFIG_YAML}")"
-PR_SESSION_PREFIX="$(flow_resolve_pr_session_prefix "${CONFIG_YAML}")"
-ISSUE_BRANCH_PREFIX="$(flow_resolve_issue_branch_prefix "${CONFIG_YAML}")"
-PR_WORKTREE_BRANCH_PREFIX="$(flow_resolve_pr_worktree_branch_prefix "${CONFIG_YAML}")"
-MANAGED_PR_BRANCH_GLOBS="$(flow_resolve_managed_pr_branch_globs "${CONFIG_YAML}")"
-ISSUE_BRANCH_PREFIX_REGEX="$(flow_escape_regex "${ISSUE_BRANCH_PREFIX}")"
-PR_WORKTREE_BRANCH_PREFIX_REGEX="$(flow_escape_regex "${PR_WORKTREE_BRANCH_PREFIX}")"
-
-cleanup="false"
-strict="false"
-
-usage() {
-  cat <<'EOF'
-Usage:
-  audit-agent-worktrees.sh [--cleanup] [--strict]
-
-Audits agent-managed worktrees attached to the anchor repo and removes stale
-ones when they no longer have a running owner and only contain generated
-artifacts such as node_modules symlinks or .openclaw-artifacts.
-
-Options:
-  --cleanup  Remove clean/orphaned agent worktrees automatically.
-  --strict   Exit non-zero when any stale agent worktree is found.
-EOF
-}
-
-while [[ $# -gt 0 ]]; do
-  case "$1" in
-    --cleanup) cleanup="true"; shift ;;
-    --strict) strict="true"; shift ;;
-    --help|-h) usage; exit 0 ;;
-    *) echo "Unknown argument: $1" >&2; usage >&2; exit 1 ;;
-  esac
-done
-
-if [[ ! -d "$AGENT_REPO_ROOT/.git" && ! -f "$AGENT_REPO_ROOT/.git" ]]; then
-  echo "agent repo root is not a Git checkout: $AGENT_REPO_ROOT" >&2
-  exit 1
-fi
-
-session_for_worktree() {
-  local worktree_path="${1:-}"
-  local branch_ref="${2:-}"
-  local base
-
-  base="$(basename "$worktree_path")"
-  if [[ "$base" =~ ^pr-([0-9]+)- ]]; then
-    printf '%s%s\n' "${PR_SESSION_PREFIX}" "${BASH_REMATCH[1]}"
-    return 0
-  fi
-  if [[ "$base" =~ ^issue-([0-9]+)- ]]; then
-    printf '%s%s\n' "${ISSUE_SESSION_PREFIX}" "${BASH_REMATCH[1]}"
-    return 0
-  fi
-  if [[ "$branch_ref" =~ ^refs/heads/${PR_WORKTREE_BRANCH_PREFIX_REGEX}-([0-9]+)- ]]; then
-    printf '%s%s\n' "${PR_SESSION_PREFIX}" "${BASH_REMATCH[1]}"
-    return 0
-  fi
-  if [[ "$branch_ref" =~ ^refs/heads/${ISSUE_BRANCH_PREFIX_REGEX}-([0-9]+)- ]]; then
-    printf '%s%s\n' "${ISSUE_SESSION_PREFIX}" "${BASH_REMATCH[1]}"
-    return 0
-  fi
-  return 1
-}
-
-branch_name_is_managed() {
-  local branch_name="${1:-}"
-  local branch_glob=""
-
-  for branch_glob in ${MANAGED_PR_BRANCH_GLOBS}; do
-    case "$branch_name" in
-      ${branch_glob}) return 0 ;;
-    esac
-  done
-
-  return 1
-}
-
-is_agent_managed_worktree() {
-  local worktree_path="${1:-}"
-  local branch_ref="${2:-}"
-  local branch_name=""
-
-  [[ "$worktree_path" == "$WORKTREE_ROOT/"* ]] || return 1
-  if [[ "$branch_ref" == refs/heads/* ]]; then
-    branch_name="${branch_ref#refs/heads/}"
-    if branch_name_is_managed "$branch_name"; then
-      return 0
-    fi
-  fi
-  case "$(basename "$worktree_path")" in
-    pr-*|issue-*|shared-*) return 0 ;;
-  esac
-  return 1
-}
-
-worktree_effectively_dirty() {
-  local worktree_path="${1:?worktree path required}"
-  local filtered=""
-
-  if ! git -C "$worktree_path" rev-parse --is-inside-work-tree >/dev/null 2>&1; then
-    return 1
-  fi
-
-  filtered="$(
-    git -C "$worktree_path" status --short --untracked-files=normal \
-      | awk '
-          /^\?\? node_modules$/ {next}
-          /^\?\? .+\/node_modules$/ {next}
-          /^\?\? \.openclaw-artifacts$/ {next}
-          /^\?\? \.openclaw-artifacts\// {next}
-          {print}
-        '
-  )"
-  [[ -n "$filtered" ]]
-}
-
-worktree_is_broken() {
-  local worktree_path="${1:?worktree path required}"
-  [[ -d "$worktree_path" ]] || return 0
-  git -C "$worktree_path" rev-parse --is-inside-work-tree >/dev/null 2>&1 && return 1
-  return 0
-}
-
-worktree_has_active_owner() {
-  local session_name="${1:-}"
-  local run_dir=""
-  local status_output=""
-  local status=""
-
-  [[ -n "$session_name" ]] || return 1
-
-  if tmux has-session -t "$session_name" 2>/dev/null; then
-    return 0
-  fi
-
-  run_dir="${RUNS_ROOT}/${session_name}"
-  if [[ ! -d "$run_dir" ]]; then
-    return 1
-  fi
-
-  # Completed workers still own their worktree until host-side reconcile
-  # archives the run or writes reconciled.ok. Otherwise audit can delete the
-  # worktree before publish/retry transitions consume it.
-  if [[ ! -f "${run_dir}/reconciled.ok" ]]; then
-    return 0
-  fi
-
-  status_output="$(
-    "$WORKER_STATUS_TOOL" \
-      --runs-root "$RUNS_ROOT" \
-      --session "$session_name" 2>/dev/null || true
-  )"
-  status="$(awk -F= '/^STATUS=/{print $2}' <<<"$status_output" | tail -n 1)"
-  [[ "$status" == "RUNNING" ]]
-}
-
-worktree_has_active_launch() {
-  local session_name="${1:-}"
-  local pending_file=""
-  local pending_pid=""
-
-  [[ -n "$session_name" ]] || return 1
-
-  case "$session_name" in
-    "${ISSUE_SESSION_PREFIX}"*)
-      pending_file="${PENDING_LAUNCH_DIR}/issue-${session_name#${ISSUE_SESSION_PREFIX}}.pid"
-      ;;
-    "${PR_SESSION_PREFIX}"*)
-      pending_file="${PENDING_LAUNCH_DIR}/pr-${session_name#${PR_SESSION_PREFIX}}.pid"
-      ;;
-    *)
-      return 1
-      ;;
-  esac
-
-  [[ -f "$pending_file" ]] || return 1
-  pending_pid="$(tr -d '[:space:]' <"$pending_file" 2>/dev/null || true)"
-  [[ -n "$pending_pid" ]] || return 1
-  kill -0 "$pending_pid" 2>/dev/null
-}
-
-remove_agent_worktree() {
-  local worktree_path="${1:-}"
-  local branch_ref="${2:-}"
-  local branch_name=""
-  local cleanup_args=()
-  local cleanup_failed="false"
-
-  if [[ "$branch_ref" == refs/heads/* ]]; then
-    branch_name="${branch_ref#refs/heads/}"
-    cleanup_args=(--branch "$branch_name" --path "$worktree_path" --allow-unmerged)
-    if [[ "$branch_name" == "${ISSUE_BRANCH_PREFIX}"-* ]]; then
-      cleanup_args+=(--keep-remote)
-    fi
-    if ! (
-      cd "$AGENT_REPO_ROOT"
-      "$WORKTREE_CLEANUP_TOOL" "${cleanup_args[@]}"
-    ) >/dev/null 2>&1; then
-      cleanup_failed="true"
-    fi
-  else
-    git -C "$AGENT_REPO_ROOT" worktree remove "$worktree_path" --force || true
-    git -C "$AGENT_REPO_ROOT" worktree prune
-    return 0
-  fi
-
-  if [[ "$cleanup_failed" == "true" ]]; then
-    rm -rf "$worktree_path"
-    if [[ -n "$branch_name" ]]; then
-      git -C "$AGENT_REPO_ROOT" branch -D "$branch_name" >/dev/null 2>&1 || true
-    fi
-  fi
-
-  git -C "$AGENT_REPO_ROOT" worktree prune >/dev/null 2>&1 || true
-}
-
-issue_count=0
-cleaned_count=0
-
-current_worktree=""
-current_branch_ref=""
-current_head=""
-
-while IFS= read -r line || [[ -n "$line" ]]; do
-  if [[ -z "$line" ]]; then
-    if [[ -n "$current_worktree" ]]; then
-      if [[ "$current_worktree" != "$AGENT_REPO_ROOT" ]] && is_agent_managed_worktree "$current_worktree" "$current_branch_ref"; then
-        session_name="$(session_for_worktree "$current_worktree" "$current_branch_ref" || true)"
-        active_owner="no"
-        if worktree_has_active_owner "$session_name"; then
-          active_owner="yes"
-        fi
-        active_launch="no"
-        if worktree_has_active_launch "$session_name"; then
-          active_launch="yes"
-        fi
-
-        if [[ "$active_owner" == "yes" || "$active_launch" == "yes" ]]; then
-          current_worktree=""
-          current_branch_ref=""
-          current_head=""
-          continue
-        fi
-
-        broken_worktree="no"
-        if worktree_is_broken "$current_worktree"; then
-          broken_worktree="yes"
-        fi
-        dirty="no"
-        if [[ "$broken_worktree" == "no" ]] && worktree_effectively_dirty "$current_worktree"; then
-          dirty="yes"
-        fi
-
-        issue_count=$((issue_count + 1))
-
-        printf 'AGENT_WORKTREE=%s\n' "$current_worktree"
-        printf 'BRANCH_REF=%s\n' "${current_branch_ref:-<detached>}"
-        printf 'HEAD=%s\n' "${current_head:-<unknown>}"
-        printf 'SESSION=%s\n' "${session_name:-<none>}"
-        printf 'BROKEN_WORKTREE=%s\n' "$broken_worktree"
-        printf 'DIRTY=%s\n' "$dirty"
-        printf 'ACTIVE_OWNER=%s\n' "$active_owner"
-        printf 'ACTIVE_LAUNCH=%s\n' "$active_launch"
-
-        if [[ "$cleanup" == "true" && "$dirty" == "no" && "$active_owner" == "no" && "$active_launch" == "no" ]]; then
-          remove_agent_worktree "$current_worktree" "$current_branch_ref"
-          cleaned_count=$((cleaned_count + 1))
-          printf 'CLEANUP=removed\n'
-        else
-          printf 'CLEANUP=skipped\n'
-        fi
-        printf '\n'
-      fi
-
-      current_worktree=""
-      current_branch_ref=""
-      current_head=""
-    fi
-    continue
-  fi
-
-  case "$line" in
-    worktree\ *) current_worktree="${line#worktree }" ;;
-    HEAD\ *) current_head="${line#HEAD }" ;;
-    branch\ *) current_branch_ref="${line#branch }" ;;
-  esac
-done < <(git -C "$AGENT_REPO_ROOT" worktree list --porcelain; printf '\n')
-
-printf 'LEGACY_AGENT_WORKTREE_COUNT=%s\n' "$issue_count"
-printf 'LEGACY_AGENT_WORKTREE_CLEANED=%s\n' "$cleaned_count"
-
-if [[ "$strict" == "true" && "$issue_count" -gt 0 ]]; then
-  exit 2
-fi

package/tools/bin/audit-issue-routing.sh

@@ -1,11 +0,0 @@
-#!/usr/bin/env bash
-set -euo pipefail
-
-SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
-# shellcheck source=/dev/null
-source "${SCRIPT_DIR}/flow-shell-lib.sh"
-
-FLOW_SKILL_DIR="$(resolve_flow_skill_dir "${BASH_SOURCE[0]}")"
-ADAPTER_BIN_DIR="${FLOW_SKILL_DIR}/bin"
-
-exec "${ADAPTER_BIN_DIR}/audit-issue-routing.sh" "$@"

package/tools/bin/audit-retained-layout.sh

@@ -1,58 +0,0 @@
-#!/usr/bin/env bash
-set -euo pipefail
-
-SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
-# shellcheck source=/dev/null
-source "${SCRIPT_DIR}/flow-config-lib.sh"
-
-CONFIG_YAML="$(resolve_flow_config_yaml "${BASH_SOURCE[0]}")"
-RETAINED_ROOT="$(flow_resolve_retained_repo_root "${CONFIG_YAML}")"
-ADAPTER_ID="$(flow_resolve_adapter_id "${CONFIG_YAML}")"
-
-classify_worktree() {
-  local path="${1:-}"
-  case "$path" in
-    */${ADAPTER_ID}-pr-*|*/${ADAPTER_ID}-issue-*|*/${ADAPTER_ID}-main-clean)
-      printf 'legacy-automation\n'
-      ;;
-    "$RETAINED_ROOT")
-      printf 'retained-main\n'
-      ;;
-    *)
-      printf 'retained-manual\n'
-      ;;
-  esac
-}
-
-count_dirty_paths() {
-  local path="${1:?path required}"
-  git -C "$path" status --porcelain 2>/dev/null | wc -l | tr -d ' '
-}
-
-current_branch() {
-  local path="${1:?path required}"
-  git -C "$path" rev-parse --abbrev-ref HEAD 2>/dev/null || printf 'unknown\n'
-}
-
-current_head() {
-  local path="${1:?path required}"
-  git -C "$path" rev-parse --short HEAD 2>/dev/null || printf 'unknown\n'
-}
-
-worktree_list="$(
-  git -C "$RETAINED_ROOT" worktree list --porcelain |
-    awk '/^worktree /{print substr($0,10)}'
-)"
-
-printf 'RETAINED_ROOT=%s\n' "$RETAINED_ROOT"
-printf 'RETAINED_WORKTREE_COUNT=%s\n' "$(printf '%s\n' "$worktree_list" | sed '/^$/d' | wc -l | tr -d ' ')"
-
-while IFS= read -r worktree; do
-  [[ -n "$worktree" ]] || continue
-  printf '\n[worktree]\n'
-  printf 'path=%s\n' "$worktree"
-  printf 'class=%s\n' "$(classify_worktree "$worktree")"
-  printf 'branch=%s\n' "$(current_branch "$worktree")"
-  printf 'head=%s\n' "$(current_head "$worktree")"
-  printf 'dirty_paths=%s\n' "$(count_dirty_paths "$worktree")"
-done <<<"$worktree_list"