agentic-sdlc-wizard 1.32.0 → 1.34.0

package/.claude-plugin/marketplace.json

@@ -13,7 +13,7 @@
       "name": "sdlc-wizard",
       "source": ".",
       "description": "SDLC enforcement for AI agents — TDD, planning, self-review, CI shepherd",
-      "version": "1.31.0",
+      "version": "1.34.0",
       "author": {
         "name": "Stefan Ayala"
       },

package/.claude-plugin/plugin.json

@@ -1,6 +1,6 @@
 {
   "name": "sdlc-wizard",
-  "version": "1.31.0",
+  "version": "1.34.0",
   "description": "SDLC enforcement for AI agents — TDD, planning, self-review, CI shepherd",
   "author": {
     "name": "Stefan Ayala",

package/CHANGELOG.md

@@ -4,6 +4,62 @@ All notable changes to the SDLC Wizard.
 
 > **Note:** This changelog is for humans to read. Don't manually apply these changes - just run the wizard ("Check for SDLC wizard updates") and it handles everything automatically.
 
+## [1.34.0] - 2026-04-17
+
+### Added
+- Memory Audit Protocol for promoting private-memory lessons to shared docs (#189)
+  - New `/sdlc` subsection under "After Session (Capture Learnings)" defines a three-bucket classifier (`promote` / `keep` / `manual-review`) with a rule-based privacy denylist (`type: user`/`reference` → keep, `project`/`feedback` → manual-review)
+  - YAML frontmatter parser in `tests/test-memory-audit-protocol.sh` normalizes inline comments, quoted values, and whitespace so variants like `type: "user" # external` still route to keep
+  - `SDLC.md` now has a `## Lessons Learned` section seeded with 7 verified technical gotchas (GH CLI stdout, `workflows` YAML scope, GITHUB_TOKEN workflow triggers, GHA `${{ }}` backtick substitution, macOS bash 3.x, stderr/stdout separation for JSON parsing, `continue-on-error` + `||` masking); each entry cites its originating PR or incident date and was re-verified with a runnable repro before promotion
+  - 10-fixture corpus at `tests/fixtures/memory-audit-corpus/` (6 promote / 2 keep / 2 manual-review) with `test_expected` frontmatter seeds the future LLM-gated quality runner
+  - 12-test protocol suite covers structure, rule-based denylist, YAML-variant hardening, corpus consistency (promote fixtures route to manual-review under rule-based), and corpus shape
+  - Codex xhigh 3-round code review: 4/10 → 8/10 → 10/10 CERTIFIED. Caught two false lessons in private memory (`${3:-{}}` brace-default claim and `--argjson result` jq-conflict claim) that were retracted with dated strikethroughs — the protocol's first real use prevented its own false claims from shipping
+  - CLI distributes skill updates + new SDLC.md section; CI wire-up in `.github/workflows/ci.yml` (validate job)
+- API feature detection shepherd for Claude API release notes (#100, PRs #184, #186, #187)
+  - LLM-free weekly detector at `.github/workflows/weekly-api-update.yml` polls `platform.claude.com/docs/en/release-notes/api.md`
+  - `scripts/parse-api-changelog.py` parses ATX date headers with ordinal-date normalizer and bullet-summary capture (non-date sub-headers like `#### SDKs` no longer terminate bullet extraction); 200-char truncation with ellipsis; tab scrub
+  - `scripts/persist-api-state.sh` writes last-seen date with branch-protection-safe non-blocking push; opens/updates a single `api-review-needed` tracking issue with enriched bullet summaries (not just dates)
+  - `instructions-loaded-check.sh` nudges at session start when open issues exist; gated on local workflow presence so consumer forks see only their own detector's issues
+  - 33 tests including 8 fixture-based parser tests (bullet capture, subheader boundary, tab scrub, truncation, ordinal dates) and 2 integration tests
+  - Codex xhigh 5 rounds across 2 PRs: 9/10 CERTIFIED. Found-in-prod P0 hotfix in #187 — `gh api` writes JSON error bodies to stdout (not stderr), so the label-create `already_exists` check was broken after the first successful dispatch; pattern now captures both streams
+
+### Fixed
+- `gh api` error handling in `weekly-api-update.yml` now captures stdout+stderr together for `already_exists` detection on label creation (#187). Added as portable lesson in `SDLC.md` Lessons Learned
+
+### Docs
+- `/less-permission-prompts` Claude Code native skill surfaced in wizard and setup documentation (#183)
+- README community section restyled with visual Discord badge for Automation Station
+
+## [1.33.0] - 2026-04-17
+
+### Added
+- `opus[1m]` as the SDLC wizard default model (#182)
+  - CLI template ships `"model": "opus[1m]"` + `CLAUDE_AUTOCOMPACT_PCT_OVERRIDE=30` (tuned for 1M — compacts at ~300K)
+  - `cli/init.js` `mergeSettings` merges top-level `model` on fresh installs and when absent; respects user's explicit choice; `--force` overwrites
+  - Wizard doc "1M vs 200K Context Window" section flipped to recommend `opus[1m]` as default; pricing framed as "verify current rates at docs.anthropic.com" (no stale tier-specific claims)
+  - `/sdlc` skill: new "Recommended Model" section between auto-approval and Confidence Check
+  - `/setup` skill Step 9.5: 1M default, 200K fallback (inverted from before)
+  - SDLC.md baseline bumped to v2.1.111+ (Opus 4.7 minimum)
+  - Session-start hooks now recommend `opus[1m]` alias (matches the `/model` command users run)
+  - 9 new tests (5 CLI model merge, 4 doc consistency); 6 existing autocompact tests updated to expect `30`, fixtures bumped to `50` in tests 37/38 to preserve the no-overwrite proof
+  - Codex xhigh 2-round review: 9/10 CERTIFIED
+- Dual-channel install drift guardrails (#181)
+  - `cli/init.js` detects plugin install paths (`~/.claude/plugins-local/sdlc-wizard-wrap/`, `~/.claude/plugins/cache/sdlc-wizard-local/`) and blocks init with a typed `err.pluginPaths` error; `--force` bypasses
+  - `instructions-loaded-check.sh` non-blocking nudge when both CLI skills and Claude plugin are present in the same project
+  - HOME isolation in test files (`mktemp -d` + `trap` cleanup) prevents dev-machine HOME from leaking into assertions
+  - `path.isAbsolute(home)` guard in `detectPluginInstall` — empty/relative HOME no longer causes false-positive block
+  - `run_init_split` test helper captures stdout/stderr separately with explicit exit code
+  - 9 new CLI tests, 5 new hook tests; Codex xhigh 4-round review: 9/10 CERTIFIED
+- Model/effort upgrade detection at session start (#179, #180)
+  - SessionStart hook nudges when configured `effortLevel` is below `xhigh` recommendation
+  - Reads `.claude/settings.local.json` → `.claude/settings.json` → `$HOME/.claude/settings.json` precedence
+  - Non-blocking (`exit 0`); asks Claude to compare recommended model against its own system prompt
+  - `claude-opus-4-6` defaults bumped to `claude-opus-4-7` in `pr-review.yml`, `evaluate.sh`, `sdp-score.sh`, `pairwise-compare.sh`
+  - Hook added to `SDLC.md` hooks table + CLI distributes `model-effort-check.sh`
+
+### Fixed
+- `cli/bin/sdlc-wizard.js` double-print: plugin-detect errors now suppress the outer `"Error:"` prefix since detection streams its own colored guidance block (#181)
+
 ## [1.32.0] - 2026-04-16
 
 ### Added

package/CLAUDE_CODE_SDLC_WIZARD.md

@@ -855,30 +855,31 @@ Override the default auto-compact threshold with environment variables. These ar
 | `CLAUDE_AUTOCOMPACT_PCT_OVERRIDE` | Trigger compaction at this % of context capacity (1-100) | ~95% |
 | `CLAUDE_CODE_AUTO_COMPACT_WINDOW` | Override context capacity in tokens (useful for 1M models) | Model default |
 
-**Recommended:** The SDLC Wizard CLI sets `CLAUDE_AUTOCOMPACT_PCT_OVERRIDE=75` in `.claude/settings.json` by default (200K model optimized). To customize, edit the `env` field in `.claude/settings.json`:
+**Recommended:** The SDLC Wizard CLI sets `CLAUDE_AUTOCOMPACT_PCT_OVERRIDE=30` and `"model": "opus[1m]"` in `.claude/settings.json` by default (tuned for the 1M context window — compacts at ~300K). To customize, edit `.claude/settings.json`:
 
 ```json
 {
+  "model": "opus[1m]",
   "env": {
-    "CLAUDE_AUTOCOMPACT_PCT_OVERRIDE": "75"
+    "CLAUDE_AUTOCOMPACT_PCT_OVERRIDE": "30"
   }
 }
 ```
 
-Alternatively, set via shell profile (`~/.bashrc`, `~/.zshrc`) or per-project `.envrc`:
+If you switch back to the 200K model (`opus`), raise the override to `75` — otherwise 30% of 200K = 60K compacts too early. Alternatively, set via shell profile (`~/.bashrc`, `~/.zshrc`) or per-project `.envrc`:
 
 ```bash
-export CLAUDE_AUTOCOMPACT_PCT_OVERRIDE=75
+export CLAUDE_AUTOCOMPACT_PCT_OVERRIDE=30
 ```
 
 **Community-recommended thresholds by use case:**
 
 | Use Case | AUTOCOMPACT % | Why |
 |----------|--------------|-----|
-| General development (200K) | 75% | Leaves room for implementation after planning |
-| Complex refactors (200K) | 80% | Slightly more context before compaction |
+| **SDLC default (`opus[1m]`)** | **30%** | **Fires at ~300K on 1M — right balance for plan + TDD + review sessions** |
+| General development (200K `opus`) | 75% | Leaves room for implementation after planning |
+| Complex refactors (200K `opus`) | 80% | Slightly more context before compaction |
 | CI pipelines | 60% | Short tasks, compact early to stay fast |
-| 1M context model | 30% | See "1M vs 200K" below — 95% on 1M wastes budget |
 | Short tasks | 60-70% | Less context needed, compact early |
 
 **Important:** Values above the default ~95% threshold have no effect — you can only trigger compaction *earlier*, not later. Noise (progress ticks, thinking blocks, stale reads) makes up 50-70% of session tokens, so threshold tuning matters less than noise reduction (scoped reads, subagents, `/compact` between phases).
@@ -891,27 +892,31 @@ The thresholds above are community consensus — not empirically validated. For
 
 ### 1M vs 200K Context Window
 
-Claude Code supports both 200K and 1M context windows. Choose based on your task:
+Claude Code supports both 200K and 1M context windows. **Default to `opus[1m]` for SDLC work** — the 1M headroom is free until you actually use it.
 
-| | 200K Context | 1M Context |
+| | 200K Context (`opus`) | 1M Context (`opus[1m]`) **← default** |
 |---|---|---|
-| **Best for** | Normal SDLC cycles (plan → TDD → review) | Multi-feature releases, deep codebase exploration |
-| **Typical usage** | 50-80K tokens per task | 200K+ tokens for complex workflows |
-| **Cost** | Lower total cost per session | ~5x more tokens consumed (cost scales linearly) |
-| **Auto-compact** | Default 95% works well | Reported to fire at ~76K ([issue #34332](https://github.com/anthropics/claude-code/issues/34332)) |
+| **Best for** | Short one-off tasks | Normal SDLC cycles + multi-feature work |
+| **Typical usage** | 50-80K tokens per task | 50-80K typical, up to 200K+ for complex workflows |
+| **Cost** | Standard pricing | Anthropic currently lists the 1M window at standard pricing across the full context for supported Opus/Sonnet models — **verify current rates at [docs.anthropic.com/pricing](https://docs.anthropic.com/)** before assuming no premium |
+| **Auto-compact** | Default 95% works well | Fires at ~76K by default ([issue #34332](https://github.com/anthropics/claude-code/issues/34332)) — **tune to 30%** |
 | **Suggested override** | `CLAUDE_AUTOCOMPACT_PCT_OVERRIDE=75` | `CLAUDE_AUTOCOMPACT_PCT_OVERRIDE=30` or `CLAUDE_CODE_AUTO_COMPACT_WINDOW=400000` |
 
-**Default to 200K.** Normal SDLC tasks (single feature, bug fix, refactor) rarely exceed 80K tokens. The 200K window handles this with room to spare.
+**Why `opus[1m]` as default:**
+- **Long SDLC sessions accumulate context fast** — plan → TDD → review → CI shepherd on a single feature regularly crosses 100K tokens
+- **Safety margin against autocompact loss** — cheaper to have headroom than to re-read files after a forced compact
+- **At time of writing, Anthropic lists 1M context at standard pricing for supported Opus/Sonnet models.** Verify current rates for your plan before relying on this — see [docs.anthropic.com/pricing](https://docs.anthropic.com/)
 
-**Switch to 1M when:**
-- Implementing multiple related features in one session
-- Deep research across a large codebase (reading 20+ files)
-- Multi-agent workflows that accumulate context
-- Complex debugging sessions that need full history
+**Set it up:** `/model opus[1m]` in your session, or set `"model": "opus[1m]"` in `.claude/settings.json`. The CLI template ships with this default. Requires Claude Code v2.1.111+ for Opus 4.7.
 
-**Cost awareness:** No per-token premium since March 2026, but total cost scales linearly with context consumed. A 900K-token session costs ~$4.50 in input alone. Use `/cost` to monitor.
+**Fall back to `opus` (200K) when:**
+- Your plan or organization charges higher rates for long-context prompts (check your billing)
+- You're doing genuinely short one-off tasks and want slightly faster responses
+- Your team has cost controls that flag >200K prompts
 
-**1M autocompact workaround:** On 1M models, the default auto-compact has been reported to fire too early (~76K, per [issue #34332](https://github.com/anthropics/claude-code/issues/34332)). Community workaround: set `CLAUDE_AUTOCOMPACT_PCT_OVERRIDE=30` or `CLAUDE_CODE_AUTO_COMPACT_WINDOW=400000` to use more of the window.
+**Cost awareness:** Larger windows let you consume more tokens in one session, and total cost always scales with tokens consumed regardless of tier. Use `/cost` to monitor — a 900K-token session is meaningfully more expensive than an 80K one even at standard rates.
+
+**Autocompact pairing (important):** If you default to `opus[1m]`, also set `CLAUDE_AUTOCOMPACT_PCT_OVERRIDE=30` — otherwise CC's default autocompact fires at ~76K and destroys the headroom you're paying for. The CLI template sets this automatically.
 
 ---
 
@@ -2657,7 +2662,7 @@ If deployment fails or post-deploy verification catches issues:
 
 **SDLC.md:**
 ```markdown
-<!-- SDLC Wizard Version: 1.31.0 -->
+<!-- SDLC Wizard Version: 1.34.0 -->
 <!-- Setup Date: [DATE] -->
 <!-- Completed Steps: step-0.1, step-0.2, step-0.4, step-1, step-2, step-3, step-4, step-5, step-6, step-7, step-8, step-9 -->
 <!-- Git Workflow: [PRs or Solo] -->
@@ -3130,6 +3135,8 @@ Want me to file these? (yes/no/not now)
 
 **`/revise-claude-md` scope:** Only updates CLAUDE.md. It does NOT touch feature docs, TESTING.md, hooks, or skills. Use it for general project context that applies across the codebase.
 
+**Memory Audit Protocol:** Per-user memory at `~/.claude/projects/<proj>/memory/` accumulates private learnings. Some are portable technical lessons that belong in shared docs. The `/sdlc` skill's **Memory Audit Protocol** section (under "After Session (Capture Learnings)") defines a three-bucket classifier (`promote` / `keep` / `manual-review`) with a type-based denylist that keeps `user`/`reference` entries private and routes `project`/`feedback` entries to human review. Run at end-of-release or after debugging-heavy sessions. Human approves every promotion chunk-by-chunk before apply.
+
 **When to do mini-retro:** After features, tricky bugs, or discovering gotchas. Skip for one-line fixes or questions.
 
 **The SDLC evolves:** Weekly research, monthly deep-dives, and CI friction signals feed improvements. Human approves, the system gets better.
@@ -3716,7 +3723,7 @@ Walk through updates? (y/n)
 Store wizard state in `SDLC.md` as metadata comments (invisible to readers, parseable by Claude):
 
 ```markdown
-<!-- SDLC Wizard Version: 1.31.0 -->
+<!-- SDLC Wizard Version: 1.34.0 -->
 <!-- Setup Date: 2026-01-24 -->
 <!-- Completed Steps: step-0.1, step-0.2, step-1, step-2, step-3, step-4, step-5, step-6, step-7, step-8, step-9 -->
 <!-- Git Workflow: PRs -->
@@ -4055,6 +4062,23 @@ When Anthropic provides official plugins that overlap with this SDLC:
 
 **Re-run `claude-code-setup` periodically** (quarterly, or when your project expands in scope) to catch new automations — MCP servers, hooks, subagents — that weren't relevant at initial setup but are now.
 
+**API feature shepherd (self-maintenance, roadmap #100):**
+
+The wizard watches the **Anthropic API changelog** — not just Claude Code CLI releases — for new betas, tools, and agent features. The detector runs in `.github/workflows/weekly-api-update.yml`, is intentionally LLM-free, and only opens a tracking issue labeled `api-review-needed` when new entries appear at `platform.claude.com/docs/en/release-notes/api`.
+
+When that issue is open, the session-start hook nudges you. The session (not the workflow) does the deep research + adoption via the full SDLC loop. This mirrors the "local shepherd" pattern used for CI fixes: cheap Action-layer detection + session-time analysis beats expensive Action-layer LLM calls.
+
+The gap this closes: the advisor tool (API beta, `advisor-tool-2026-03-01`) shipped and was missed for several days before manual discovery. Detector would have flagged it on the next weekly tick.
+
+**Complementary native skills worth knowing:**
+
+| Native Skill | What It Does | When to Run |
+|--------------|--------------|-------------|
+| `/less-permission-prompts` | Scans transcripts for common read-only Bash/MCP calls and proposes a prioritized allowlist | After a few sessions — reduces permission friction without auto mode |
+| `/permissions` | Pre-allow specific commands and check them into `.claude/settings.json` | Anytime you want an auditable team allowlist |
+
+These are shipped by Claude Code itself. The wizard doesn't reimplement them — it points you at them so you benefit from the native version's ongoing maintenance.
+
 ### When Claude Code Improves
 
 Claude Code is actively improving. When they add built-in features:

package/README.md

@@ -237,7 +237,17 @@ This isn't the only Claude Code SDLC tool. Here's an honest comparison:
 
 ## Community
 
-Come join **[Automation Station](https://discord.com/invite/fGPEF7GHrF)** — a community Discord packed with software engineers bringing 40+ years of combined experience across every area of the stack (frontend, backend, infra, embedded, data, QA, DevOps, you name it). Share patterns, ask questions, compare notes on AI agents, automation, and SDLC tooling.
+<div align="center">
+
+[![Discord](https://img.shields.io/badge/Discord-Automation%20Station-5865F2?style=for-the-badge&logo=discord&logoColor=white)](https://discord.com/invite/fGPEF7GHrF)
+
+**[Automation Station](https://discord.com/invite/fGPEF7GHrF)** — a community Discord packed with software engineers bringing 40+ years of combined experience across every area of the stack.
+
+_Frontend · Backend · Infra · Embedded · Data · QA · DevOps_
+
+Share patterns, ask questions, compare notes on AI agents, automation, and SDLC tooling.
+
+</div>
 
 ## Contributing
 

package/cli/bin/sdlc-wizard.js

@@ -42,7 +42,9 @@ if (command === 'init') {
     init(process.cwd(), flags);
     process.exit(0);
   } catch (err) {
-    console.error(`Error: ${err.message}`);
+    // Plugin-detect errors already streamed a colored guidance block to stderr
+    // from init() — skip the redundant "Error:" prefix line.
+    if (!err.pluginPaths) console.error(`Error: ${err.message}`);
     process.exit(1);
   }
 } else if (command === 'check') {

package/cli/init.js

@@ -23,6 +23,7 @@ const FILES = [
   { src: 'hooks/sdlc-prompt-check.sh', dest: '.claude/hooks/sdlc-prompt-check.sh', executable: true, base: REPO_ROOT },
   { src: 'hooks/tdd-pretool-check.sh', dest: '.claude/hooks/tdd-pretool-check.sh', executable: true, base: REPO_ROOT },
   { src: 'hooks/instructions-loaded-check.sh', dest: '.claude/hooks/instructions-loaded-check.sh', executable: true, base: REPO_ROOT },
+  { src: 'hooks/model-effort-check.sh', dest: '.claude/hooks/model-effort-check.sh', executable: true, base: REPO_ROOT },
   { src: 'skills/sdlc/SKILL.md', dest: '.claude/skills/sdlc/SKILL.md', base: REPO_ROOT },
   { src: 'skills/setup/SKILL.md', dest: '.claude/skills/setup/SKILL.md', base: REPO_ROOT },
   { src: 'skills/update/SKILL.md', dest: '.claude/skills/update/SKILL.md', base: REPO_ROOT },
@@ -35,6 +36,23 @@ const WIZARD_HOOK_MARKERS = FILES
 
 const GITIGNORE_ENTRIES = ['.claude/plans/', '.claude/settings.local.json'];
 
+// Paths where the Claude plugin form of this wizard installs.
+// If present, running `npx init` creates duplicate /update-wizard (#181).
+const PLUGIN_INSTALL_PATHS = [
+  '.claude/plugins-local/sdlc-wizard-wrap',
+  '.claude/plugins/cache/sdlc-wizard-local',
+];
+
+function detectPluginInstall(homeDir) {
+  const home = homeDir || os.homedir();
+  // Guard empty / non-absolute HOME: without this, path.join('', '.claude/...')
+  // produces a project-relative path and init falsely blocks on local dirs.
+  if (!home || !path.isAbsolute(home)) return [];
+  return PLUGIN_INSTALL_PATHS
+    .map((rel) => path.join(home, rel))
+    .filter((p) => fs.existsSync(p));
+}
+
 // Paths from previous versions that should be removed on upgrade
 const OBSOLETE_PATHS = [
   '.claude/skills/testing',  // consolidated into /sdlc in v1.17.0
@@ -52,6 +70,13 @@ function mergeSettings(existingPath, templatePath, force) {
     const existing = JSON.parse(fs.readFileSync(existingPath, 'utf8'));
     const template = JSON.parse(fs.readFileSync(templatePath, 'utf8'));
 
+    // Merge top-level model field (only set if missing, unless --force).
+    // Respects user's explicit model choice; adds the wizard default on fresh
+    // installs and for users upgrading from a pre-model template.
+    if (template.model && (!('model' in existing) || force)) {
+      existing.model = template.model;
+    }
+
     // Merge env field
     if (template.env) {
       if (!existing.env || typeof existing.env !== 'object' || Array.isArray(existing.env)) {
@@ -201,6 +226,24 @@ function printOps(ops) {
 }
 
 function init(targetDir, { force = false, dryRun = false } = {}) {
+  if (!dryRun && !force) {
+    const pluginPaths = detectPluginInstall();
+    if (pluginPaths.length > 0) {
+      console.error(`\n${YELLOW}Claude plugin install detected:${RESET}`);
+      for (const p of pluginPaths) console.error(`  ${p}`);
+      console.error('\nInstalling via npm on top of the plugin creates duplicate /update-wizard commands.');
+      console.error('Pick one channel:');
+      console.error(`  - Keep plugin:   exit and use ${CYAN}/plugin update sdlc-wizard${RESET}`);
+      console.error(`  - Switch to CLI: remove plugin dir above, then rerun ${CYAN}init${RESET}`);
+      console.error(`  - Keep both:     rerun with ${CYAN}--force${RESET} (duplicates expected)\n`);
+      const err = new Error(
+        `Plugin install detected at: ${pluginPaths.join(', ')}. Use --force to bypass.`
+      );
+      err.pluginPaths = pluginPaths;
+      throw err;
+    }
+  }
+
   const ops = planOperations(targetDir, { force });
 
   if (dryRun) {
@@ -408,4 +451,4 @@ function checkMarketplacePaths() {
   return results;
 }
 
-module.exports = { init, check, planOperations, GITIGNORE_ENTRIES };
+module.exports = { init, check, planOperations, detectPluginInstall, GITIGNORE_ENTRIES };

package/cli/templates/settings.json

@@ -1,6 +1,7 @@
 {
+  "model": "opus[1m]",
   "env": {
-    "CLAUDE_AUTOCOMPACT_PCT_OVERRIDE": "75"
+    "CLAUDE_AUTOCOMPACT_PCT_OVERRIDE": "30"
   },
   "hooks": {
     "UserPromptSubmit": [
@@ -34,6 +35,16 @@
           }
         ]
       }
+    ],
+    "SessionStart": [
+      {
+        "hooks": [
+          {
+            "type": "command",
+            "command": "\"$CLAUDE_PROJECT_DIR\"/.claude/hooks/model-effort-check.sh"
+          }
+        ]
+      }
     ]
   }
 }

package/hooks/hooks.json

@@ -32,6 +32,16 @@
           }
         ]
       }
+    ],
+    "SessionStart": [
+      {
+        "hooks": [
+          {
+            "type": "command",
+            "command": "${CLAUDE_PLUGIN_ROOT}/hooks/model-effort-check.sh"
+          }
+        ]
+      }
     ]
   }
 }

package/hooks/instructions-loaded-check.sh

@@ -66,6 +66,61 @@ if command -v codex > /dev/null 2>&1 && [ -d "$PROJECT_DIR/.reviews" ]; then
     fi
 fi
 
+# Model/effort upgrade check (non-blocking, best-effort)
+RECOMMENDED_MODEL="opus[1m]"
+RECOMMENDED_EFFORT="xhigh"
+if command -v jq > /dev/null 2>&1; then
+    EFFORT=""
+    PROJ="${CLAUDE_PROJECT_DIR:-$PROJECT_DIR}"
+    for f in "$PROJ/.claude/settings.local.json" "$PROJ/.claude/settings.json" "$HOME/.claude/settings.json"; do
+        if [ -f "$f" ]; then
+            val=$(jq -r '.effortLevel // empty' "$f" 2>/dev/null)
+            if [ -n "$val" ]; then EFFORT="$val"; break; fi
+        fi
+    done
+    if [ -n "$EFFORT" ] && [ "$EFFORT" != "$RECOMMENDED_EFFORT" ]; then
+        echo "Upgrade available: effort $EFFORT → $RECOMMENDED_EFFORT (run: /effort $RECOMMENDED_EFFORT)"
+        echo "Recommended model: $RECOMMENDED_MODEL (run: /model $RECOMMENDED_MODEL)"
+    fi
+fi
+
+# Dual-channel install check (#181) — nudge when CLI skills + Claude plugin both present
+if [ -d "$PROJECT_DIR/.claude/skills/update" ]; then
+    for plugin_path in "$HOME/.claude/plugins-local/sdlc-wizard-wrap" "$HOME/.claude/plugins/cache/sdlc-wizard-local"; do
+        if [ -d "$plugin_path" ]; then
+            echo "WARNING: dual-install detected — CLI skills in .claude/skills/ AND Claude plugin at:"
+            echo "  $plugin_path"
+            echo "  Duplicate /update-wizard commands come from running both channels. Pick one:"
+            echo "    - Keep plugin: remove .claude/skills/ from this project"
+            echo "    - Keep CLI:    /plugin uninstall sdlc-wizard (or remove plugin dir)"
+            break
+        fi
+    done
+fi
+
+# API feature review nudge (#100) — surface open 'api-review-needed' issues
+# opened by .github/workflows/weekly-api-update.yml so the session picks up
+# new API features without waiting for manual discovery.
+#
+# Gated on LOCAL presence of the detector workflow: the CLI distributes this
+# hook to consumer projects, and we don't want to pester those users with
+# upstream-wizard issues. The nudge only fires when the current repo owns
+# the detector (= the wizard repo or a fork of it).
+if [ -f "$PROJECT_DIR/.github/workflows/weekly-api-update.yml" ] && \
+   command -v gh > /dev/null 2>&1; then
+    # Query the current repo (not hardcoded upstream) — in a fork, users see
+    # their own detector's issues, not ours.
+    API_REVIEW_COUNT=$(gh issue list \
+        --state open \
+        --label "api-review-needed" \
+        --limit 1 \
+        --json number \
+        --jq 'length' 2>/dev/null) || API_REVIEW_COUNT=""
+    if [[ "$API_REVIEW_COUNT" =~ ^[0-9]+$ ]] && [ "$API_REVIEW_COUNT" -gt 0 ]; then
+        echo "Anthropic API features pending review: ${API_REVIEW_COUNT} open issue(s) with label 'api-review-needed' (see .github/workflows/weekly-api-update.yml)"
+    fi
+fi
+
 # Claude Code version check (non-blocking, best-effort)
 if command -v claude > /dev/null 2>&1 && command -v npm > /dev/null 2>&1; then
     CC_LOCAL=$(claude --version 2>/dev/null | grep -o '[0-9][0-9.]*' | head -1) || true

package/hooks/model-effort-check.sh

@@ -0,0 +1,43 @@
+#!/bin/bash
+# SessionStart hook — nudges user when effort level is below recommended
+# and tells Claude the recommended model so it can compare against its own
+# CC does NOT expose the model to hooks, so model nudge relies on Claude
+# seeing this output and comparing against its system prompt
+# Non-blocking: always exits 0
+
+RECOMMENDED_MODEL="opus[1m]"
+RECOMMENDED_EFFORT="xhigh"
+
+# Drain stdin (SessionStart sends JSON but model field isn't in it)
+cat > /dev/null
+
+if ! command -v jq > /dev/null 2>&1; then
+    exit 0
+fi
+
+effort=""
+project_dir="${CLAUDE_PROJECT_DIR:-.}"
+for f in "$project_dir/.claude/settings.local.json" "$project_dir/.claude/settings.json" "$HOME/.claude/settings.json"; do
+    if [ -f "$f" ]; then
+        val=$(jq -r '.effortLevel // empty' "$f" 2>/dev/null)
+        if [ -n "$val" ]; then
+            effort="$val"
+            break
+        fi
+    fi
+done
+
+nudge=""
+
+if [ -n "$effort" ] && [ "$effort" != "$RECOMMENDED_EFFORT" ]; then
+    nudge="effort: $effort → $RECOMMENDED_EFFORT (run: /effort $RECOMMENDED_EFFORT)"
+fi
+
+if [ -n "$nudge" ]; then
+    echo "Upgrade available:"
+    echo "  $nudge"
+    echo "  recommended model: $RECOMMENDED_MODEL (run: /model $RECOMMENDED_MODEL)"
+    echo "  (Claude: compare recommended model against your current model — nudge user if different)"
+fi
+
+exit 0

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "agentic-sdlc-wizard",
-  "version": "1.32.0",
+  "version": "1.34.0",
   "description": "SDLC enforcement for Claude Code — hooks, skills, and wizard setup in one command",
   "bin": {
     "sdlc-wizard": "./cli/bin/sdlc-wizard.js"

package/skills/sdlc/SKILL.md

@@ -161,6 +161,21 @@ When auto-approving, still announce your approach — just don't wait for approv
 
 **When in doubt, wait for approval.** Auto-approval is for clear-cut cases only.
 
+## Recommended Model
+
+**Default: `opus[1m]` (Opus 4.7 with 1M context window).** Run `/model opus[1m]` at the start of any non-trivial SDLC session.
+
+**Why:**
+- SDLC sessions (plan → TDD → review → CI shepherd) accumulate context fast — plans, test output, diffs, review artifacts. 200K fills up before you're done.
+- Forced auto-compact mid-task loses your working state. Extra headroom is cheaper than re-reading files.
+- At time of writing, Anthropic lists 1M context at standard pricing for supported Opus/Sonnet models — verify current rates for your plan before relying on this.
+
+**Requires Claude Code v2.1.111+** for Opus 4.7.
+
+**Pair with `CLAUDE_AUTOCOMPACT_PCT_OVERRIDE=30`.** Without it, CC's default auto-compact on 1M fires at ~76K and defeats the purpose. The wizard's `cli/templates/settings.json` sets both defaults on install.
+
+**Fall back to `opus` (200K) only when:** your plan charges a premium for long-context prompts, the task is genuinely short (<30K), or team cost controls flag >200K prompts. See the "1M vs 200K Context Window" section in `CLAUDE_CODE_SDLC_WIZARD.md` for details.
+
 ## Confidence Check (REQUIRED)
 
 Before presenting approach, STATE your confidence:
@@ -702,6 +717,40 @@ If this session revealed insights, update the right place:
 - **General project context** → `CLAUDE.md` (or `/revise-claude-md`)
 - **Plan files** → If this session's work came from a plan file, delete it or mark it complete. Stale plans mislead future sessions into thinking work is still pending
 
+### Memory Audit Protocol
+
+Per-user memory at `~/.claude/projects/<proj>/memory/` accumulates private learnings. Some belong there (user preferences, external references). Others are portable technical lessons (tool quirks, platform gotchas, bash/GHA/macOS footguns) that would save the next contributor hours. Run this audit to promote the portable ones.
+
+**When to run:**
+- End-of-release (before cutting a tag)
+- After a debugging-heavy session with multiple memory additions
+- On explicit "audit my memory" request
+
+**Classify each memory file in `~/.claude/projects/<proj>/memory/`:**
+
+1. **Rule-based denylist (deterministic, no LLM):**
+   - `type: user` → `keep` (user identity, preferences — never promote)
+   - `type: reference` → `keep` (external pointers to Discord/URL/etc — private by default)
+   - `type: project` → `manual-review` (often mixed state + portable lesson — human decides)
+   - `type: feedback` → `manual-review` (often mixed personal preference + portable rule — human decides)
+   - Parser must normalize YAML variants (`type: "user"`, `type: user # comment`, surrounding whitespace) — see `tests/test-memory-audit-protocol.sh::apply_denylist_rule` for the reference implementation
+2. **Remaining entries** (no type, or type outside the 4 above) fall through to human-gated review. An LLM-assisted classification runner is Prove-It-Gated: build it only after running this protocol 4+ times with manual classification. Until then, human review at promotion time IS the quality gate
+
+**Destinations for `promote` entries (no new files — use existing wizard destinations):**
+
+| Content | Target |
+|---------|--------|
+| Language/tool/platform gotchas (bash, gh CLI, GHA, macOS) | `SDLC.md` → `## Lessons Learned` section |
+| Testing gotchas (flaky patterns, mock-vs-integration lessons) | `TESTING.md` |
+| Tool-specific quirks tied to a skill | That skill's `SKILL.md` |
+| Process rules that should govern the project | `CLAUDE.md` |
+
+**Tracking:** When you promote an entry, add `promoted_to: <path>` to that memory file's YAML frontmatter. Subsequent audits skip already-promoted entries.
+
+**Human gate is MANDATORY.** Protocol produces diffs; user approves chunk-by-chunk before apply. Never auto-apply — private memory touching public docs needs human judgement.
+
+**Prove It Gate:** If you find yourself running this protocol 4+ times and manually doing the same classification work, that's evidence to build a `/memory-audit` slash command AND wire the LLM-gated quality tests (8/10 classification, 6/6 destination). Until then, protocol + human review is enough — and no stub tests that skip (they mislead reviewers into thinking a gate exists when it doesn't).
+
 ## Post-Mortem: When Process Fails, Feed It Back
 
 **Every process failure becomes an enforcement rule.** When you skip a step and it causes a problem, don't just fix the symptom — add a gate so it can't happen again.

package/skills/setup/SKILL.md

@@ -183,16 +183,17 @@ Present suggestions and let the user confirm.
 
 ### Step 9.5: Context Window Configuration
 
-The CLI already sets `CLAUDE_AUTOCOMPACT_PCT_OVERRIDE=75` in `.claude/settings.json` `env` field (200K default). Ask the user which model context window they use:
+The CLI ships `cli/templates/settings.json` with `"model": "opus[1m]"` and `CLAUDE_AUTOCOMPACT_PCT_OVERRIDE=30` (tuned for the 1M context window — compacts at ~300K). This is the SDLC wizard default. Confirm the installed values, or fall back to 200K if the user prefers:
 
-- **200K models (default):** Already configured. Confirm `75` is set in `settings.json` `env` field
-- **1M models:** Update `settings.json` `env` field: set `CLAUDE_AUTOCOMPACT_PCT_OVERRIDE` to `"30"` — the default fires at ~76K on 1M, wasting 92% of the window. Optionally also add `CLAUDE_CODE_AUTO_COMPACT_WINDOW` set to `"400000"`
+- **1M default (`opus[1m]`):** Confirm `"model": "opus[1m]"` at top level and `CLAUDE_AUTOCOMPACT_PCT_OVERRIDE: "30"` under `env`. Requires Claude Code v2.1.111+ for Opus 4.7.
+- **200K fallback (`opus`):** Edit `.claude/settings.json` — change `"model"` to `"opus"` and raise `CLAUDE_AUTOCOMPACT_PCT_OVERRIDE` to `"75"` (otherwise `30%` of 200K compacts too early at 60K).
 
-To update, edit `.claude/settings.json`:
+To fall back to 200K, edit `.claude/settings.json`:
 ```json
 {
+  "model": "opus",
   "env": {
-    "CLAUDE_AUTOCOMPACT_PCT_OVERRIDE": "30"
+    "CLAUDE_AUTOCOMPACT_PCT_OVERRIDE": "75"
   }
 }
 ```
@@ -223,10 +224,13 @@ Tell the user:
 > **Exit Claude Code and restart it** for the new configuration to take effect.
 > On restart, the SDLC hook will fire and you'll see the checklist in every response.
 >
-> **Optional next step:**
+> **Optional next steps:**
 > - Run `/claude-automation-recommender` for stack-specific tooling suggestions (MCP servers, formatting hooks, type-checking hooks, plugins)
+> - After a few sessions, run `/less-permission-prompts` — a native Claude Code skill
+>   that scans your transcripts for common read-only Bash/MCP calls and proposes a
+>   prioritized allowlist. Reduces permission friction without enabling auto mode.
 >
-> The recommender is complementary to the SDLC wizard — it adds tooling recommendations, not process enforcement.
+> Both are complementary to the SDLC wizard — they add tooling and quality-of-life, not process enforcement.
 
 ## Rules
 

package/skills/update/SKILL.md

@@ -46,9 +46,12 @@ Parse all CHANGELOG entries between the user's installed version and the latest.
 
 ```
 Installed: 1.24.0
-Latest:    1.31.0
+Latest:    1.34.0
 
 What changed:
+- [1.34.0] API feature detection shepherd for Claude releases, Memory Audit Protocol with 7 verified lessons (+2 caught-and-retracted), /less-permission-prompts surfaced, ...
+- [1.33.0] opus[1m] as SDLC default, dual-channel install drift guardrails, model/effort session-start nudge, ...
+- [1.32.0] Opus 4.7 + xhigh support, model/effort upgrade detection, benchmark ceiling audit, ...
 - [1.31.0] Hook false-positive fix for non-SDLC dirs, ephemeral marketplace path warning, ...
 - [1.30.0] Firmware fixture, model A/B comparison workflow, CC degradation detection, ...
 - [1.29.0] Node 24 compliance, autocompact in settings.json, effectiveness scoreboard, ...