agent-quality-police 0.2.7 → 0.2.9

package/.agents/skills/anti-bypass-audit/SKILL.md

@@ -40,6 +40,9 @@ Find and report bypasses with short, evidence-based language. This skill is not
 - `eslint-disable`
 - lowered strictness in config
 - fake narrowing branches
+- constructor bypass
+- prototype fabrication
+- internal field hydration that fakes a valid class instance
 - helper or factory noise hiding test intent
 - mocks that replace the behavior under test
 

package/.agents/skills/quality-index/SKILL.md

@@ -23,7 +23,8 @@ Use this skill as the entry point to the framework. It maps task types to the ri
 2. Read `docs/policy/workflow.md`.
 3. Classify the task.
 4. Load only the skills required by that task.
-5. Pair the work with the correct audit agent before final approval.
+5. Decide which audit agents are mandatory before implementation is considered complete.
+6. Require the named audit agents to run before final approval.
 
 ## Routing
 
@@ -51,6 +52,7 @@ Use this skill as the entry point to the framework. It maps task types to the ri
 - Loading every skill by default.
 - Starting implementation before deciding what behavior must be proven.
 - Skipping the auditors because the change “looks small.”
+- Treating inline self-review as a substitute for invoking the named audit agents.
 
 ## Examples
 

package/.claude/agents/bypass-auditor.md

@@ -1,6 +1,6 @@
 ---
 name: bypass-auditor
-description: "Audits a diff for type, test, mock, helper, and config bypasses with blocker-oriented output."
+description: "Use proactively before final approval for any typing, config, mock, helper, or suspicious diff review."
 tools:
   - Read
   - Glob
@@ -33,6 +33,9 @@ You must actively hunt for:
 - `eslint-disable`
 - config weakening
 - fake narrowing or artificial fallback branches
+- constructor bypass
+- prototype fabrication such as `Object.create(SomeClass.prototype)`
+- internal field hydration such as `Object.assign(...)` into fabricated instances
 - helper noise
 - mocks with no probative value
 

package/.claude/agents/implementer.md

@@ -1,6 +1,6 @@
 ---
 name: implementer
-description: "Executes approved code changes under the framework without weakening tests, typing, or config."
+description: "Executes approved code changes under the framework and hands off to the required audit agents before completion."
 tools:
   - Read
   - Write
@@ -31,7 +31,10 @@ Required behavior:
 2. If tests are viable, follow Red -> Green -> Refactor.
 3. Make the smallest defensible change.
 4. If canonical skill or agent sources change, rebuild generated projections instead of editing generated files by hand.
-5. Report what behavior was proven, what commands were run, and what remains blocked.
+5. Explicitly invoke the required audit agents before claiming the work is complete.
+6. Treat inline self-review as insufficient when a named audit agent is required.
+7. If a required audit agent cannot run, stop and report `BLOCKED`.
+8. Report what behavior was proven, which audit agents ran, what commands were run, and what remains blocked.
 
 Forbidden behavior:
 
@@ -39,6 +42,8 @@ Forbidden behavior:
 - introducing assertions, non-null assertions, or ts-comment bypasses
 - muting lint or type errors through configuration weakening
 - adding fake fallback branches or fake narrowing only to satisfy the compiler
+- fabricating typed instances through `Object.create(SomeClass.prototype)` or equivalent prototype tricks
+- hydrating internal fields with `Object.assign(...)` or direct writes to bypass constructors or public factories
 - hiding test intent behind generic helpers
 
 If the request conflicts with the policy, reject the shortcut and explain the blocker.

package/.claude/agents/pr-gatekeeper.md

@@ -1,6 +1,6 @@
 ---
 name: pr-gatekeeper
-description: "Makes the final approve-or-reject decision for a change without rewriting code."
+description: "Use proactively as the final approve-or-reject gate after the other required auditors complete."
 tools:
   - Read
   - Glob

package/.claude/agents/tdd-warden.md

@@ -1,6 +1,6 @@
 ---
 name: tdd-warden
-description: "Audits whether there was a real Red -> Green -> Refactor flow and whether tests prove public behavior."
+description: "Use proactively before final approval whenever behavior changed, tests changed, or tests should have changed."
 tools:
   - Read
   - Glob

package/.claude/rules/review-and-gates.md

@@ -3,5 +3,7 @@
 - Run `tdd-warden` for behavior and TDD verification when tests changed or should have changed.
 - Run `bypass-auditor` for any TypeScript, lint, config, mock, helper, or suspicious review surface.
 - Run `pr-gatekeeper` before publishing or claiming approval.
+- Inline self-review does not replace invoking the named audit agents.
+- If a required audit agent cannot run, report `BLOCKED` instead of claiming completion.
 - Auditor outputs must be concrete, short, evidence-based, and severe.
 - A reviewer who cannot prove safety must reject the change.

package/.claude/rules/typescript-zero-bypass.md

@@ -7,8 +7,10 @@ paths:
 
 - Prohibit `any`, `as`, `as const`, chained assertions, angle-bracket assertions, and non-null assertions.
 - Prohibit `@ts-ignore`, `@ts-expect-error`, `@ts-nocheck`, and `@ts-check` as escape hatches.
-- Prohibit inline structural types.
+- Prohibit inline structural types, including in private methods, local helpers, and return types.
 - Require named interfaces and named unions instead of inline structural types.
+- Prohibit `Object.create(SomeClass.prototype)` and equivalent prototype fabrication to fake typed instances.
+- Prohibit `Object.assign(...)` or direct internal field hydration when used to bypass constructors, factories, or invariants.
 - Reject `Record` and index signatures when they are used as generic escape hatches.
 - Do not add branches or fallback values solely to satisfy the compiler.
 - If the type system is resisting, remodel the data instead of coercing it.

package/.claude/skills/anti-bypass-audit/SKILL.md

@@ -40,6 +40,9 @@ Find and report bypasses with short, evidence-based language. This skill is not
 - `eslint-disable`
 - lowered strictness in config
 - fake narrowing branches
+- constructor bypass
+- prototype fabrication
+- internal field hydration that fakes a valid class instance
 - helper or factory noise hiding test intent
 - mocks that replace the behavior under test
 

package/.claude/skills/quality-index/SKILL.md

@@ -23,7 +23,8 @@ Use this skill as the entry point to the framework. It maps task types to the ri
 2. Read `docs/policy/workflow.md`.
 3. Classify the task.
 4. Load only the skills required by that task.
-5. Pair the work with the correct audit agent before final approval.
+5. Decide which audit agents are mandatory before implementation is considered complete.
+6. Require the named audit agents to run before final approval.
 
 ## Routing
 
@@ -51,6 +52,7 @@ Use this skill as the entry point to the framework. It maps task types to the ri
 - Loading every skill by default.
 - Starting implementation before deciding what behavior must be proven.
 - Skipping the auditors because the change “looks small.”
+- Treating inline self-review as a substitute for invoking the named audit agents.
 
 ## Examples
 

package/.claude-plugin/plugin.json

@@ -1,6 +1,6 @@
 {
   "name": "agent-quality-police",
-  "version": "0.2.7",
+  "version": "0.2.9",
   "description": "Strict governance framework for coding agents that blocks testing and typing bypasses.",
   "author": {
     "name": "Davy Massoneto",

package/.codex/agents/bypass-auditor.toml

@@ -1,6 +1,6 @@
 # generated by scripts/build_framework.py; do not edit directly
 name = "bypass-auditor"
-description = "Audits a diff for type, test, mock, helper, and config bypasses with blocker-oriented output."
+description = "Use proactively before final approval for any typing, config, mock, helper, or suspicious diff review."
 model = "gpt-5.4-mini"
 model_reasoning_effort = "high"
 sandbox_mode = "read-only"
@@ -27,6 +27,9 @@ You must actively hunt for:
 - `eslint-disable`
 - config weakening
 - fake narrowing or artificial fallback branches
+- constructor bypass
+- prototype fabrication such as `Object.create(SomeClass.prototype)`
+- internal field hydration such as `Object.assign(...)` into fabricated instances
 - helper noise
 - mocks with no probative value
 

package/.codex/agents/implementer.toml

@@ -1,6 +1,6 @@
 # generated by scripts/build_framework.py; do not edit directly
 name = "implementer"
-description = "Executes approved code changes under the framework without weakening tests, typing, or config."
+description = "Executes approved code changes under the framework and hands off to the required audit agents before completion."
 model = "gpt-5.3-codex-spark"
 model_reasoning_effort = "medium"
 sandbox_mode = "workspace-write"
@@ -20,7 +20,10 @@ Required behavior:
 2. If tests are viable, follow Red -> Green -> Refactor.
 3. Make the smallest defensible change.
 4. If canonical skill or agent sources change, rebuild generated projections instead of editing generated files by hand.
-5. Report what behavior was proven, what commands were run, and what remains blocked.
+5. Explicitly invoke the required audit agents before claiming the work is complete.
+6. Treat inline self-review as insufficient when a named audit agent is required.
+7. If a required audit agent cannot run, stop and report `BLOCKED`.
+8. Report what behavior was proven, which audit agents ran, what commands were run, and what remains blocked.
 
 Forbidden behavior:
 
@@ -28,6 +31,8 @@ Forbidden behavior:
 - introducing assertions, non-null assertions, or ts-comment bypasses
 - muting lint or type errors through configuration weakening
 - adding fake fallback branches or fake narrowing only to satisfy the compiler
+- fabricating typed instances through `Object.create(SomeClass.prototype)` or equivalent prototype tricks
+- hydrating internal fields with `Object.assign(...)` or direct writes to bypass constructors or public factories
 - hiding test intent behind generic helpers
 
 If the request conflicts with the policy, reject the shortcut and explain the blocker.

package/.codex/agents/pr-gatekeeper.toml

@@ -1,6 +1,6 @@
 # generated by scripts/build_framework.py; do not edit directly
 name = "pr-gatekeeper"
-description = "Makes the final approve-or-reject decision for a change without rewriting code."
+description = "Use proactively as the final approve-or-reject gate after the other required auditors complete."
 model = "gpt-5.4"
 model_reasoning_effort = "high"
 sandbox_mode = "read-only"

package/.codex/agents/tdd-warden.toml

@@ -1,6 +1,6 @@
 # generated by scripts/build_framework.py; do not edit directly
 name = "tdd-warden"
-description = "Audits whether there was a real Red -> Green -> Refactor flow and whether tests prove public behavior."
+description = "Use proactively before final approval whenever behavior changed, tests changed, or tests should have changed."
 model = "gpt-5.4-mini"
 model_reasoning_effort = "high"
 sandbox_mode = "read-only"

package/.codex-plugin/plugin.json

@@ -1,6 +1,6 @@
 {
   "name": "agent-quality-police",
-  "version": "0.2.7",
+  "version": "0.2.9",
   "description": "Strict governance framework for coding agents that blocks testing and typing bypasses.",
   "author": {
     "name": "Davy Massoneto",

package/.opencode/agents/bypass-auditor.md

@@ -1,6 +1,6 @@
 <!-- generated by scripts/build_framework.py; do not edit directly -->
 ---
-description: "Audits a diff for type, test, mock, helper, and config bypasses with blocker-oriented output."
+description: "Use proactively before final approval for any typing, config, mock, helper, or suspicious diff review."
 mode: subagent
 model: anthropic/claude-sonnet-4-20250514
 temperature: 0.0
@@ -31,6 +31,9 @@ You must actively hunt for:
 - `eslint-disable`
 - config weakening
 - fake narrowing or artificial fallback branches
+- constructor bypass
+- prototype fabrication such as `Object.create(SomeClass.prototype)`
+- internal field hydration such as `Object.assign(...)` into fabricated instances
 - helper noise
 - mocks with no probative value
 

package/.opencode/agents/implementer.md

@@ -1,6 +1,6 @@
 <!-- generated by scripts/build_framework.py; do not edit directly -->
 ---
-description: "Executes approved code changes under the framework without weakening tests, typing, or config."
+description: "Executes approved code changes under the framework and hands off to the required audit agents before completion."
 mode: subagent
 model: anthropic/claude-sonnet-4-20250514
 temperature: 0.1
@@ -24,7 +24,10 @@ Required behavior:
 2. If tests are viable, follow Red -> Green -> Refactor.
 3. Make the smallest defensible change.
 4. If canonical skill or agent sources change, rebuild generated projections instead of editing generated files by hand.
-5. Report what behavior was proven, what commands were run, and what remains blocked.
+5. Explicitly invoke the required audit agents before claiming the work is complete.
+6. Treat inline self-review as insufficient when a named audit agent is required.
+7. If a required audit agent cannot run, stop and report `BLOCKED`.
+8. Report what behavior was proven, which audit agents ran, what commands were run, and what remains blocked.
 
 Forbidden behavior:
 
@@ -32,6 +35,8 @@ Forbidden behavior:
 - introducing assertions, non-null assertions, or ts-comment bypasses
 - muting lint or type errors through configuration weakening
 - adding fake fallback branches or fake narrowing only to satisfy the compiler
+- fabricating typed instances through `Object.create(SomeClass.prototype)` or equivalent prototype tricks
+- hydrating internal fields with `Object.assign(...)` or direct writes to bypass constructors or public factories
 - hiding test intent behind generic helpers
 
 If the request conflicts with the policy, reject the shortcut and explain the blocker.

package/.opencode/agents/pr-gatekeeper.md

@@ -1,6 +1,6 @@
 <!-- generated by scripts/build_framework.py; do not edit directly -->
 ---
-description: "Makes the final approve-or-reject decision for a change without rewriting code."
+description: "Use proactively as the final approve-or-reject gate after the other required auditors complete."
 mode: subagent
 model: anthropic/claude-opus-4-1-20250805
 temperature: 0.0

package/.opencode/agents/tdd-warden.md

@@ -1,6 +1,6 @@
 <!-- generated by scripts/build_framework.py; do not edit directly -->
 ---
-description: "Audits whether there was a real Red -> Green -> Refactor flow and whether tests prove public behavior."
+description: "Use proactively before final approval whenever behavior changed, tests changed, or tests should have changed."
 mode: subagent
 model: anthropic/claude-sonnet-4-20250514
 temperature: 0.0

package/.opencode/skills/anti-bypass-audit/SKILL.md

@@ -40,6 +40,9 @@ Find and report bypasses with short, evidence-based language. This skill is not
 - `eslint-disable`
 - lowered strictness in config
 - fake narrowing branches
+- constructor bypass
+- prototype fabrication
+- internal field hydration that fakes a valid class instance
 - helper or factory noise hiding test intent
 - mocks that replace the behavior under test
 

package/.opencode/skills/quality-index/SKILL.md

@@ -23,7 +23,8 @@ Use this skill as the entry point to the framework. It maps task types to the ri
 2. Read `docs/policy/workflow.md`.
 3. Classify the task.
 4. Load only the skills required by that task.
-5. Pair the work with the correct audit agent before final approval.
+5. Decide which audit agents are mandatory before implementation is considered complete.
+6. Require the named audit agents to run before final approval.
 
 ## Routing
 
@@ -51,6 +52,7 @@ Use this skill as the entry point to the framework. It maps task types to the ri
 - Loading every skill by default.
 - Starting implementation before deciding what behavior must be proven.
 - Skipping the auditors because the change “looks small.”
+- Treating inline self-review as a substitute for invoking the named audit agents.
 
 ## Examples
 

package/CLAUDE.md

@@ -4,33 +4,41 @@
 
 - Direct system, developer, and user instructions override this file.
 - Prefer current local code and current official documentation over memory.
-- Load only the smallest relevant skill set for the task.
+- Treat the required skills and auditors in this file as mandatory workflow requirements.
 
 ## Startup Sequence
 
 1. Read [quality-definition](docs/policy/quality-definition.md) when the task needs repository policy context.
 2. Read [workflow](docs/policy/workflow.md) when the repository defines one.
-3. Load only the relevant skill set from `.claude/skills/`.
+3. Load the smallest required skill set from `.claude/skills/` before proposing edits or writing code.
 
 ## Skill Routing
 
-- Use [quality-index](.claude/skills/quality-index/SKILL.md) when the task spans multiple concerns.
+- Use [quality-index](.claude/skills/quality-index/SKILL.md) when the task spans multiple concerns or when you are unsure which validators apply.
 - Use [typescript-zero-bypass](.claude/skills/typescript-zero-bypass/SKILL.md) for `.ts` or `.tsx` changes.
 - Use [vite-vitest-tdd](.claude/skills/vite-vitest-tdd/SKILL.md) for Vite or Vitest TDD.
 - Use [react-public-api-testing](.claude/skills/react-public-api-testing/SKILL.md) for React behavior tests.
+- Use [anti-bypass-audit](.claude/skills/anti-bypass-audit/SKILL.md) when reviewing diffs, suspicious helpers, weakened configs, or type/config-heavy changes.
+- Use [refactoring-with-safety](.claude/skills/refactoring-with-safety/SKILL.md) for refactors that are not pure bug fixes.
+- Use [governance-installation](.claude/skills/governance-installation/SKILL.md) when installing or updating this governance package.
 
 ## Quality Rules
 
+- Load the required skills before proposing edits or writing code.
+- If a required skill is unavailable in the current runtime, stop and report `BLOCKED`.
 - Use behavior-first tests when tests are viable.
 - Avoid type bypasses, comment bypasses, config weakening, and fake greens.
 - Prefer named types and explicit models over inline structural shortcuts.
 
 ## Review Flow
 
-- Before final approval, run the relevant auditors for the actual risk surface.
-- Use `bypass-auditor` for typing, config, mocks, helpers, or suspicious diffs.
-- Use `tdd-warden` when behavior or tests changed or should have changed.
-- Use `pr-gatekeeper` only for final approve-or-reject review.
+- For code changes, explicitly invoke the required auditors before final approval.
+- For code changes, do not finalize until the required auditors have run and their results were reviewed.
+- Do not substitute inline self-review for a required audit agent invocation.
+- For typing, config, mocks, helpers, or suspicious diffs, run `bypass-auditor`.
+- For behavior changes or bug fixes, run `tdd-warden` and `bypass-auditor`.
+- For final approval, release, or merge decisions, run `pr-gatekeeper` after the other required auditors.
+- If a required skill or auditor cannot run in the current runtime, stop and report `BLOCKED`.
 
 ## Claude Code
 

package/docs/policy/quality-definition.md

@@ -51,6 +51,8 @@ Fraud includes:
 - disabling ESLint to suppress a local violation
 - weakening `tsconfig`, `eslint`, `vite`, `vitest`, or equivalent config to silence a problem
 - adding impossible fallback branches, fake narrowing, or defensive code only to satisfy TypeScript
+- constructor bypass through `Object.create(SomeClass.prototype)` or equivalent prototype fabrication
+- internal field hydration through `Object.assign(...)` or direct assignment to simulate a valid instance without using the real constructor or public factory
 - using `Map` in public or domain-facing contracts to avoid explicit named input modeling
 - helper layers that hide what the test is proving
 - mocks that replace the exact behavior under test
@@ -66,6 +68,7 @@ Reject immediately when a diff introduces any of the following without an explic
 - unproven tests
 - suspicious helper noise
 - narrowing that exists only to appease the compiler
+- constructor bypasses, prototype fabrication, or internal field hydration that fabricate class instances without their real invariants
 - branching that changes runtime semantics without product or domain justification
 
 ## Safe Refactor
@@ -94,12 +97,13 @@ Acceptable modeling favors:
 - Zod only for external input boundaries
 - Joi only for environment validation when that boundary exists and matters
 
-Inline structural types are prohibited.
+Inline structural types are prohibited, including private methods, local helpers, and return types.
 
 Unacceptable modeling includes:
 
 - anonymous structural types in signatures
 - inline structural types in local declarations when a named concept exists
+- inline structural object return types such as `(): { completed: number; total: number }`
 - `Record` or index signatures as generic escape hatches
 - `Map` used as a lookup-bag escape hatch in a public or domain-facing contract
 - generic “utils” that absorb domain meaning

package/docs/policy/workflow.md

@@ -11,6 +11,8 @@
 7. Run the appropriate audit agents.
 8. Validate the repository before commit or publication.
 
+Inline self-review does not satisfy an audit requirement. When an audit agent is required, invoke the named agent. If the required agent cannot run, report `BLOCKED` instead of claiming completion.
+
 ## Required Audit Pairing
 
 - TypeScript or config-heavy change: run `bypass-auditor`.

package/lib/install.mjs

@@ -89,29 +89,37 @@ function globalPolicySections() {
     priorityBody: [
       "- Direct system, developer, and user instructions override this file.",
       "- Prefer current local code and current official documentation over memory.",
-      "- Load only the smallest relevant skill set for the task."
+      "- Treat the required skills and auditors in this file as mandatory workflow requirements."
     ].join("\n"),
     startupSequenceBody: [
       "1. Read [quality-definition]({{quality_definition_path}}) when the task needs repository policy context.",
       "2. Read [workflow]({{workflow_path}}) when the repository defines one.",
-      "3. Load only the relevant skill set from `{{primary_skill_root}}`."
+      "3. Load the smallest required skill set from `{{primary_skill_root}}` before proposing edits or writing code."
     ].join("\n"),
     skillRoutingBody: [
-      "- Use [quality-index]({{quality_index_skill_path}}) when the task spans multiple concerns.",
+      "- Use [quality-index]({{quality_index_skill_path}}) when the task spans multiple concerns or when you are unsure which validators apply.",
       "- Use [typescript-zero-bypass]({{typescript_zero_bypass_skill_path}}) for `.ts` or `.tsx` changes.",
       "- Use [vite-vitest-tdd]({{vite_vitest_tdd_skill_path}}) for Vite or Vitest TDD.",
-      "- Use [react-public-api-testing]({{react_public_api_testing_skill_path}}) for React behavior tests."
+      "- Use [react-public-api-testing]({{react_public_api_testing_skill_path}}) for React behavior tests.",
+      "- Use [anti-bypass-audit]({{anti_bypass_audit_skill_path}}) when reviewing diffs, suspicious helpers, weakened configs, or type/config-heavy changes.",
+      "- Use [refactoring-with-safety]({{refactoring_with_safety_skill_path}}) for refactors that are not pure bug fixes.",
+      "- Use [governance-installation]({{governance_installation_skill_path}}) when installing or updating this governance package."
     ].join("\n"),
     qualityRulesBody: [
+      "- Load the required skills before proposing edits or writing code.",
+      "- If a required skill is unavailable in the current runtime, stop and report `BLOCKED`.",
       "- Use behavior-first tests when tests are viable.",
       "- Avoid type bypasses, comment bypasses, config weakening, and fake greens.",
       "- Prefer named types and explicit models over inline structural shortcuts."
     ].join("\n"),
     reviewFlowBody: [
-      "- Before final approval, run the relevant auditors for the actual risk surface.",
-      "- Use `bypass-auditor` for typing, config, mocks, helpers, or suspicious diffs.",
-      "- Use `tdd-warden` when behavior or tests changed or should have changed.",
-      "- Use `pr-gatekeeper` only for final approve-or-reject review."
+      "- For code changes, explicitly invoke the required auditors before final approval.",
+      "- For code changes, do not finalize until the required auditors have run and their results were reviewed.",
+      "- Do not substitute inline self-review for a required audit agent invocation.",
+      "- For typing, config, mocks, helpers, or suspicious diffs, run `bypass-auditor`.",
+      "- For behavior changes or bug fixes, run `tdd-warden` and `bypass-auditor`.",
+      "- For final approval, release, or merge decisions, run `pr-gatekeeper` after the other required auditors.",
+      "- If a required skill or auditor cannot run in the current runtime, stop and report `BLOCKED`."
     ].join("\n")
   };
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "agent-quality-police",
-  "version": "0.2.7",
+  "version": "0.2.9",
   "description": "Strict governance framework for coding agents that blocks testing and typing bypasses.",
   "type": "module",
   "license": "MIT",