agent-quality-police 0.2.8 → 0.2.9

package/.agents/skills/anti-bypass-audit/SKILL.md

@@ -40,6 +40,9 @@ Find and report bypasses with short, evidence-based language. This skill is not
 - `eslint-disable`
 - lowered strictness in config
 - fake narrowing branches
+- constructor bypass
+- prototype fabrication
+- internal field hydration that fakes a valid class instance
 - helper or factory noise hiding test intent
 - mocks that replace the behavior under test
 

package/.agents/skills/quality-index/SKILL.md

@@ -23,7 +23,8 @@ Use this skill as the entry point to the framework. It maps task types to the ri
 2. Read `docs/policy/workflow.md`.
 3. Classify the task.
 4. Load only the skills required by that task.
-5. Pair the work with the correct audit agent before final approval.
+5. Decide which audit agents are mandatory before implementation is considered complete.
+6. Require the named audit agents to run before final approval.
 
 ## Routing
 
@@ -51,6 +52,7 @@ Use this skill as the entry point to the framework. It maps task types to the ri
 - Loading every skill by default.
 - Starting implementation before deciding what behavior must be proven.
 - Skipping the auditors because the change “looks small.”
+- Treating inline self-review as a substitute for invoking the named audit agents.
 
 ## Examples
 

package/.claude/agents/bypass-auditor.md

@@ -1,6 +1,6 @@
 ---
 name: bypass-auditor
-description: "Audits a diff for type, test, mock, helper, and config bypasses with blocker-oriented output."
+description: "Use proactively before final approval for any typing, config, mock, helper, or suspicious diff review."
 tools:
   - Read
   - Glob
@@ -33,6 +33,9 @@ You must actively hunt for:
 - `eslint-disable`
 - config weakening
 - fake narrowing or artificial fallback branches
+- constructor bypass
+- prototype fabrication such as `Object.create(SomeClass.prototype)`
+- internal field hydration such as `Object.assign(...)` into fabricated instances
 - helper noise
 - mocks with no probative value
 

package/.claude/agents/implementer.md

@@ -1,6 +1,6 @@
 ---
 name: implementer
-description: "Executes approved code changes under the framework without weakening tests, typing, or config."
+description: "Executes approved code changes under the framework and hands off to the required audit agents before completion."
 tools:
   - Read
   - Write
@@ -31,7 +31,10 @@ Required behavior:
 2. If tests are viable, follow Red -> Green -> Refactor.
 3. Make the smallest defensible change.
 4. If canonical skill or agent sources change, rebuild generated projections instead of editing generated files by hand.
-5. Report what behavior was proven, what commands were run, and what remains blocked.
+5. Explicitly invoke the required audit agents before claiming the work is complete.
+6. Treat inline self-review as insufficient when a named audit agent is required.
+7. If a required audit agent cannot run, stop and report `BLOCKED`.
+8. Report what behavior was proven, which audit agents ran, what commands were run, and what remains blocked.
 
 Forbidden behavior:
 
@@ -39,6 +42,8 @@ Forbidden behavior:
 - introducing assertions, non-null assertions, or ts-comment bypasses
 - muting lint or type errors through configuration weakening
 - adding fake fallback branches or fake narrowing only to satisfy the compiler
+- fabricating typed instances through `Object.create(SomeClass.prototype)` or equivalent prototype tricks
+- hydrating internal fields with `Object.assign(...)` or direct writes to bypass constructors or public factories
 - hiding test intent behind generic helpers
 
 If the request conflicts with the policy, reject the shortcut and explain the blocker.

package/.claude/agents/pr-gatekeeper.md

@@ -1,6 +1,6 @@
 ---
 name: pr-gatekeeper
-description: "Makes the final approve-or-reject decision for a change without rewriting code."
+description: "Use proactively as the final approve-or-reject gate after the other required auditors complete."
 tools:
   - Read
   - Glob

package/.claude/agents/tdd-warden.md

@@ -1,6 +1,6 @@
 ---
 name: tdd-warden
-description: "Audits whether there was a real Red -> Green -> Refactor flow and whether tests prove public behavior."
+description: "Use proactively before final approval whenever behavior changed, tests changed, or tests should have changed."
 tools:
   - Read
   - Glob

package/.claude/rules/review-and-gates.md

@@ -3,5 +3,7 @@
 - Run `tdd-warden` for behavior and TDD verification when tests changed or should have changed.
 - Run `bypass-auditor` for any TypeScript, lint, config, mock, helper, or suspicious review surface.
 - Run `pr-gatekeeper` before publishing or claiming approval.
+- Inline self-review does not replace invoking the named audit agents.
+- If a required audit agent cannot run, report `BLOCKED` instead of claiming completion.
 - Auditor outputs must be concrete, short, evidence-based, and severe.
 - A reviewer who cannot prove safety must reject the change.

package/.claude/rules/typescript-zero-bypass.md

@@ -7,8 +7,10 @@ paths:
 
 - Prohibit `any`, `as`, `as const`, chained assertions, angle-bracket assertions, and non-null assertions.
 - Prohibit `@ts-ignore`, `@ts-expect-error`, `@ts-nocheck`, and `@ts-check` as escape hatches.
-- Prohibit inline structural types.
+- Prohibit inline structural types, including in private methods, local helpers, and return types.
 - Require named interfaces and named unions instead of inline structural types.
+- Prohibit `Object.create(SomeClass.prototype)` and equivalent prototype fabrication to fake typed instances.
+- Prohibit `Object.assign(...)` or direct internal field hydration when used to bypass constructors, factories, or invariants.
 - Reject `Record` and index signatures when they are used as generic escape hatches.
 - Do not add branches or fallback values solely to satisfy the compiler.
 - If the type system is resisting, remodel the data instead of coercing it.

package/.claude/skills/anti-bypass-audit/SKILL.md

@@ -40,6 +40,9 @@ Find and report bypasses with short, evidence-based language. This skill is not
 - `eslint-disable`
 - lowered strictness in config
 - fake narrowing branches
+- constructor bypass
+- prototype fabrication
+- internal field hydration that fakes a valid class instance
 - helper or factory noise hiding test intent
 - mocks that replace the behavior under test
 

package/.claude/skills/quality-index/SKILL.md

@@ -23,7 +23,8 @@ Use this skill as the entry point to the framework. It maps task types to the ri
 2. Read `docs/policy/workflow.md`.
 3. Classify the task.
 4. Load only the skills required by that task.
-5. Pair the work with the correct audit agent before final approval.
+5. Decide which audit agents are mandatory before implementation is considered complete.
+6. Require the named audit agents to run before final approval.
 
 ## Routing
 
@@ -51,6 +52,7 @@ Use this skill as the entry point to the framework. It maps task types to the ri
 - Loading every skill by default.
 - Starting implementation before deciding what behavior must be proven.
 - Skipping the auditors because the change “looks small.”
+- Treating inline self-review as a substitute for invoking the named audit agents.
 
 ## Examples
 

package/.claude-plugin/plugin.json

@@ -1,6 +1,6 @@
 {
   "name": "agent-quality-police",
-  "version": "0.2.8",
+  "version": "0.2.9",
   "description": "Strict governance framework for coding agents that blocks testing and typing bypasses.",
   "author": {
     "name": "Davy Massoneto",

package/.codex/agents/bypass-auditor.toml

@@ -1,6 +1,6 @@
 # generated by scripts/build_framework.py; do not edit directly
 name = "bypass-auditor"
-description = "Audits a diff for type, test, mock, helper, and config bypasses with blocker-oriented output."
+description = "Use proactively before final approval for any typing, config, mock, helper, or suspicious diff review."
 model = "gpt-5.4-mini"
 model_reasoning_effort = "high"
 sandbox_mode = "read-only"
@@ -27,6 +27,9 @@ You must actively hunt for:
 - `eslint-disable`
 - config weakening
 - fake narrowing or artificial fallback branches
+- constructor bypass
+- prototype fabrication such as `Object.create(SomeClass.prototype)`
+- internal field hydration such as `Object.assign(...)` into fabricated instances
 - helper noise
 - mocks with no probative value
 

package/.codex/agents/implementer.toml

@@ -1,6 +1,6 @@
 # generated by scripts/build_framework.py; do not edit directly
 name = "implementer"
-description = "Executes approved code changes under the framework without weakening tests, typing, or config."
+description = "Executes approved code changes under the framework and hands off to the required audit agents before completion."
 model = "gpt-5.3-codex-spark"
 model_reasoning_effort = "medium"
 sandbox_mode = "workspace-write"
@@ -20,7 +20,10 @@ Required behavior:
 2. If tests are viable, follow Red -> Green -> Refactor.
 3. Make the smallest defensible change.
 4. If canonical skill or agent sources change, rebuild generated projections instead of editing generated files by hand.
-5. Report what behavior was proven, what commands were run, and what remains blocked.
+5. Explicitly invoke the required audit agents before claiming the work is complete.
+6. Treat inline self-review as insufficient when a named audit agent is required.
+7. If a required audit agent cannot run, stop and report `BLOCKED`.
+8. Report what behavior was proven, which audit agents ran, what commands were run, and what remains blocked.
 
 Forbidden behavior:
 
@@ -28,6 +31,8 @@ Forbidden behavior:
 - introducing assertions, non-null assertions, or ts-comment bypasses
 - muting lint or type errors through configuration weakening
 - adding fake fallback branches or fake narrowing only to satisfy the compiler
+- fabricating typed instances through `Object.create(SomeClass.prototype)` or equivalent prototype tricks
+- hydrating internal fields with `Object.assign(...)` or direct writes to bypass constructors or public factories
 - hiding test intent behind generic helpers
 
 If the request conflicts with the policy, reject the shortcut and explain the blocker.

package/.codex/agents/pr-gatekeeper.toml

@@ -1,6 +1,6 @@
 # generated by scripts/build_framework.py; do not edit directly
 name = "pr-gatekeeper"
-description = "Makes the final approve-or-reject decision for a change without rewriting code."
+description = "Use proactively as the final approve-or-reject gate after the other required auditors complete."
 model = "gpt-5.4"
 model_reasoning_effort = "high"
 sandbox_mode = "read-only"

package/.codex/agents/tdd-warden.toml

@@ -1,6 +1,6 @@
 # generated by scripts/build_framework.py; do not edit directly
 name = "tdd-warden"
-description = "Audits whether there was a real Red -> Green -> Refactor flow and whether tests prove public behavior."
+description = "Use proactively before final approval whenever behavior changed, tests changed, or tests should have changed."
 model = "gpt-5.4-mini"
 model_reasoning_effort = "high"
 sandbox_mode = "read-only"

package/.codex-plugin/plugin.json

@@ -1,6 +1,6 @@
 {
   "name": "agent-quality-police",
-  "version": "0.2.8",
+  "version": "0.2.9",
   "description": "Strict governance framework for coding agents that blocks testing and typing bypasses.",
   "author": {
     "name": "Davy Massoneto",

package/.opencode/agents/bypass-auditor.md

@@ -1,6 +1,6 @@
 <!-- generated by scripts/build_framework.py; do not edit directly -->
 ---
-description: "Audits a diff for type, test, mock, helper, and config bypasses with blocker-oriented output."
+description: "Use proactively before final approval for any typing, config, mock, helper, or suspicious diff review."
 mode: subagent
 model: anthropic/claude-sonnet-4-20250514
 temperature: 0.0
@@ -31,6 +31,9 @@ You must actively hunt for:
 - `eslint-disable`
 - config weakening
 - fake narrowing or artificial fallback branches
+- constructor bypass
+- prototype fabrication such as `Object.create(SomeClass.prototype)`
+- internal field hydration such as `Object.assign(...)` into fabricated instances
 - helper noise
 - mocks with no probative value
 

package/.opencode/agents/implementer.md

@@ -1,6 +1,6 @@
 <!-- generated by scripts/build_framework.py; do not edit directly -->
 ---
-description: "Executes approved code changes under the framework without weakening tests, typing, or config."
+description: "Executes approved code changes under the framework and hands off to the required audit agents before completion."
 mode: subagent
 model: anthropic/claude-sonnet-4-20250514
 temperature: 0.1
@@ -24,7 +24,10 @@ Required behavior:
 2. If tests are viable, follow Red -> Green -> Refactor.
 3. Make the smallest defensible change.
 4. If canonical skill or agent sources change, rebuild generated projections instead of editing generated files by hand.
-5. Report what behavior was proven, what commands were run, and what remains blocked.
+5. Explicitly invoke the required audit agents before claiming the work is complete.
+6. Treat inline self-review as insufficient when a named audit agent is required.
+7. If a required audit agent cannot run, stop and report `BLOCKED`.
+8. Report what behavior was proven, which audit agents ran, what commands were run, and what remains blocked.
 
 Forbidden behavior:
 
@@ -32,6 +35,8 @@ Forbidden behavior:
 - introducing assertions, non-null assertions, or ts-comment bypasses
 - muting lint or type errors through configuration weakening
 - adding fake fallback branches or fake narrowing only to satisfy the compiler
+- fabricating typed instances through `Object.create(SomeClass.prototype)` or equivalent prototype tricks
+- hydrating internal fields with `Object.assign(...)` or direct writes to bypass constructors or public factories
 - hiding test intent behind generic helpers
 
 If the request conflicts with the policy, reject the shortcut and explain the blocker.

package/.opencode/agents/pr-gatekeeper.md

@@ -1,6 +1,6 @@
 <!-- generated by scripts/build_framework.py; do not edit directly -->
 ---
-description: "Makes the final approve-or-reject decision for a change without rewriting code."
+description: "Use proactively as the final approve-or-reject gate after the other required auditors complete."
 mode: subagent
 model: anthropic/claude-opus-4-1-20250805
 temperature: 0.0

package/.opencode/agents/tdd-warden.md

@@ -1,6 +1,6 @@
 <!-- generated by scripts/build_framework.py; do not edit directly -->
 ---
-description: "Audits whether there was a real Red -> Green -> Refactor flow and whether tests prove public behavior."
+description: "Use proactively before final approval whenever behavior changed, tests changed, or tests should have changed."
 mode: subagent
 model: anthropic/claude-sonnet-4-20250514
 temperature: 0.0

package/.opencode/skills/anti-bypass-audit/SKILL.md

@@ -40,6 +40,9 @@ Find and report bypasses with short, evidence-based language. This skill is not
 - `eslint-disable`
 - lowered strictness in config
 - fake narrowing branches
+- constructor bypass
+- prototype fabrication
+- internal field hydration that fakes a valid class instance
 - helper or factory noise hiding test intent
 - mocks that replace the behavior under test
 

package/.opencode/skills/quality-index/SKILL.md

@@ -23,7 +23,8 @@ Use this skill as the entry point to the framework. It maps task types to the ri
 2. Read `docs/policy/workflow.md`.
 3. Classify the task.
 4. Load only the skills required by that task.
-5. Pair the work with the correct audit agent before final approval.
+5. Decide which audit agents are mandatory before implementation is considered complete.
+6. Require the named audit agents to run before final approval.
 
 ## Routing
 
@@ -51,6 +52,7 @@ Use this skill as the entry point to the framework. It maps task types to the ri
 - Loading every skill by default.
 - Starting implementation before deciding what behavior must be proven.
 - Skipping the auditors because the change “looks small.”
+- Treating inline self-review as a substitute for invoking the named audit agents.
 
 ## Examples
 

package/CLAUDE.md

@@ -34,6 +34,7 @@
 
 - For code changes, explicitly invoke the required auditors before final approval.
 - For code changes, do not finalize until the required auditors have run and their results were reviewed.
+- Do not substitute inline self-review for a required audit agent invocation.
 - For typing, config, mocks, helpers, or suspicious diffs, run `bypass-auditor`.
 - For behavior changes or bug fixes, run `tdd-warden` and `bypass-auditor`.
 - For final approval, release, or merge decisions, run `pr-gatekeeper` after the other required auditors.

package/docs/policy/quality-definition.md

@@ -51,6 +51,8 @@ Fraud includes:
 - disabling ESLint to suppress a local violation
 - weakening `tsconfig`, `eslint`, `vite`, `vitest`, or equivalent config to silence a problem
 - adding impossible fallback branches, fake narrowing, or defensive code only to satisfy TypeScript
+- constructor bypass through `Object.create(SomeClass.prototype)` or equivalent prototype fabrication
+- internal field hydration through `Object.assign(...)` or direct assignment to simulate a valid instance without using the real constructor or public factory
 - using `Map` in public or domain-facing contracts to avoid explicit named input modeling
 - helper layers that hide what the test is proving
 - mocks that replace the exact behavior under test
@@ -66,6 +68,7 @@ Reject immediately when a diff introduces any of the following without an explic
 - unproven tests
 - suspicious helper noise
 - narrowing that exists only to appease the compiler
+- constructor bypasses, prototype fabrication, or internal field hydration that fabricate class instances without their real invariants
 - branching that changes runtime semantics without product or domain justification
 
 ## Safe Refactor
@@ -94,12 +97,13 @@ Acceptable modeling favors:
 - Zod only for external input boundaries
 - Joi only for environment validation when that boundary exists and matters
 
-Inline structural types are prohibited.
+Inline structural types are prohibited, including private methods, local helpers, and return types.
 
 Unacceptable modeling includes:
 
 - anonymous structural types in signatures
 - inline structural types in local declarations when a named concept exists
+- inline structural object return types such as `(): { completed: number; total: number }`
 - `Record` or index signatures as generic escape hatches
 - `Map` used as a lookup-bag escape hatch in a public or domain-facing contract
 - generic “utils” that absorb domain meaning

package/docs/policy/workflow.md

@@ -11,6 +11,8 @@
 7. Run the appropriate audit agents.
 8. Validate the repository before commit or publication.
 
+Inline self-review does not satisfy an audit requirement. When an audit agent is required, invoke the named agent. If the required agent cannot run, report `BLOCKED` instead of claiming completion.
+
 ## Required Audit Pairing
 
 - TypeScript or config-heavy change: run `bypass-auditor`.

package/lib/install.mjs

@@ -115,6 +115,7 @@ function globalPolicySections() {
     reviewFlowBody: [
       "- For code changes, explicitly invoke the required auditors before final approval.",
       "- For code changes, do not finalize until the required auditors have run and their results were reviewed.",
+      "- Do not substitute inline self-review for a required audit agent invocation.",
       "- For typing, config, mocks, helpers, or suspicious diffs, run `bypass-auditor`.",
       "- For behavior changes or bug fixes, run `tdd-warden` and `bypass-auditor`.",
       "- For final approval, release, or merge decisions, run `pr-gatekeeper` after the other required auditors.",

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "agent-quality-police",
-  "version": "0.2.8",
+  "version": "0.2.9",
   "description": "Strict governance framework for coding agents that blocks testing and typing bypasses.",
   "type": "module",
   "license": "MIT",