agentloopkit 0.1.0

package/dist/templates/gates/test-gate.md

@@ -0,0 +1,24 @@
+# Test Gate
+
+Purpose: ensure behavior changes have evidence.
+
+Checklist:
+
+- New behavior has tests when practical.
+- Bug fixes include a regression test when practical.
+- Existing tests still pass.
+- Manual checks are documented when automation is unavailable.
+
+Pass criteria:
+
+- Verification matches the risk of the change.
+
+Fail criteria:
+
+- The agent claims success without running checks or explaining why not.
+
+Escalation triggers:
+
+- Flaky tests
+- Missing test command
+- High-risk behavior without coverage

package/dist/templates/handoffs/decision-log.md

@@ -0,0 +1,13 @@
+# Decision Log Entry
+
+## Decision
+
+## Context
+
+## Options Considered
+
+## Chosen Approach
+
+## Consequences
+
+## Follow-Up

package/dist/templates/handoffs/pr-summary.md

@@ -0,0 +1,36 @@
+# PR Summary
+
+## Summary
+
+- What changed:
+- Why:
+
+## Task Context
+
+- Task contract:
+- Acceptance criteria:
+
+## Changed Files
+
+-
+
+## Verification
+
+- Commands run:
+- Results:
+- Not run:
+
+## Risks
+
+-
+
+## Rollback
+
+-
+
+## Reviewer Checklist
+
+- [ ] Behavior matches the task contract.
+- [ ] Verification evidence is adequate.
+- [ ] Protected files were reviewed.
+- [ ] Rollback path is clear.

package/dist/templates/handoffs/release-notes.md

@@ -0,0 +1,15 @@
+# Release Notes
+
+## Version
+
+## Highlights
+
+## Changes
+
+## Verification
+
+## Breaking Changes
+
+## Upgrade Notes
+
+## Known Limitations

package/dist/templates/handoffs/reviewer-brief.md

@@ -0,0 +1,13 @@
+# Reviewer Brief
+
+## Review Focus
+
+## Files Worth Reading First
+
+## Behavior To Check
+
+## Verification Evidence
+
+## Known Risks
+
+## Questions For Reviewer

package/dist/templates/handoffs/rollback-plan.md

@@ -0,0 +1,11 @@
+# Rollback Plan
+
+## Trigger
+
+## Steps
+
+## Data Risk
+
+## Verification After Rollback
+
+## Owner

package/dist/templates/handoffs/verification-report.md

@@ -0,0 +1,13 @@
+# Verification Report
+
+## Timestamp
+
+## Commands Run
+
+## Results
+
+## Output Excerpts
+
+## Commands Not Run
+
+## Recommended Next Actions

package/dist/templates/harness/autonomous-work-rules.md

@@ -0,0 +1,22 @@
+# Autonomous Work Rules
+
+Agents may proceed without asking when:
+
+- The task contract is clear.
+- The change avoids protected areas.
+- The implementation is small and reversible.
+- Verification commands are known.
+
+Agents must pause or ask when:
+
+- Requirements conflict.
+- The change touches migrations, secrets, auth, billing, deployment, or public APIs.
+- A dependency must be added or upgraded.
+- A destructive command seems necessary.
+- Verification fails for reasons unrelated to the task.
+
+Before stopping:
+
+- Run verification or explain why it was not run.
+- Review git diff.
+- Generate a handoff summary.

package/dist/templates/harness/commands.md

@@ -0,0 +1,16 @@
+# Commands
+
+Detected during AgentLoopKit init:
+
+- Test: {{ testCommand }}
+- Lint: {{ lintCommand }}
+- Typecheck: {{ typecheckCommand }}
+- Build: {{ buildCommand }}
+- Format: {{ formatCommand }}
+
+Rules:
+
+- Run targeted checks while developing.
+- Run configured verification before claiming completion.
+- If a command fails, report the failure and fix it when reasonable.
+- If a command is not configured, say so in the handoff.

package/dist/templates/harness/definition-of-done.md

@@ -0,0 +1,16 @@
+# Definition Of Done
+
+Work is done when:
+
+- Acceptance criteria are met.
+- Relevant tests pass or missing tests are explained.
+- Typecheck, lint, and build pass when configured.
+- The diff has been reviewed.
+- Risks and rollback notes are documented.
+- Handoff summary is ready for a reviewer.
+
+Work is not done when:
+
+- Verification was skipped without explanation.
+- Protected files changed without review.
+- The diff includes unrelated churn.

package/dist/templates/harness/release-checklist.md

@@ -0,0 +1,11 @@
+# Release Checklist
+
+- [ ] Working tree reviewed.
+- [ ] Changelog updated.
+- [ ] Version selected.
+- [ ] Typecheck passed.
+- [ ] Tests passed.
+- [ ] Build passed.
+- [ ] Package contents reviewed.
+- [ ] Publish command prepared.
+- [ ] Rollback plan documented.

package/dist/templates/harness/repo-map.md

@@ -0,0 +1,16 @@
+# Repo Map
+
+Project name: {{ projectName }}
+Project type: {{ projectType }}
+Package manager: {{ packageManager }}
+
+Key files:
+
+- AGENTS.md: agent instructions
+- AGENTLOOP.md: methodology and repo loop
+- agentloop.config.json: commands and safety settings
+- .agentloop/tasks/: task contracts
+- .agentloop/reports/: verification reports
+- .agentloop/handoffs/: reviewer summaries
+
+Before changing code, inspect the files directly related to the task. Do not infer behavior from filenames alone.

package/dist/templates/harness/review-checklist.md

@@ -0,0 +1,9 @@
+# Review Checklist
+
+- [ ] Task contract is clear.
+- [ ] Changed files match the scope.
+- [ ] No unrelated refactors are included.
+- [ ] Tests or documented verification cover the change.
+- [ ] Docs were updated when behavior changed.
+- [ ] Protected areas were reviewed.
+- [ ] Rollback notes are clear.

package/dist/templates/harness/working-agreement.md

@@ -0,0 +1,11 @@
+# Working Agreement
+
+Agents working in this repo should:
+
+- Start from the task contract.
+- Keep changes small and reviewable.
+- Prefer existing project patterns.
+- Avoid unrelated refactors.
+- Preserve user changes.
+- Update docs when commands, public behavior, or workflows change.
+- Record architecture decisions in DECISIONS.md.

package/dist/templates/loops/bugfix.md

@@ -0,0 +1,36 @@
+# Bugfix Loop
+
+Use this loop when correcting broken behavior.
+
+Required inputs:
+
+- Reproduction steps or failing case
+- Expected behavior
+- Actual behavior
+- Scope constraints
+
+Process:
+
+1. Reproduce or explain why reproduction is unavailable.
+2. Add a failing test when practical.
+3. Make the smallest fix that passes.
+4. Verify the original failure no longer occurs.
+5. Check nearby regressions.
+
+Acceptance criteria:
+
+- The failure is fixed.
+- The fix is covered by automated or documented manual verification.
+- The change avoids broad rewrites.
+
+Verification:
+
+- Run the targeted test first.
+- Run configured verification commands.
+
+Handoff output:
+
+- Root cause summary
+- Files changed
+- Tests run
+- Residual risk

package/dist/templates/loops/dependency-upgrade.md

@@ -0,0 +1,34 @@
+# Dependency Upgrade Loop
+
+Use this loop when adding or upgrading dependencies.
+
+Required inputs:
+
+- Package name
+- Reason for change
+- Version target
+- Lockfile policy
+
+Process:
+
+1. Explain why the dependency change is needed.
+2. Inspect changelog or release notes when available.
+3. Update package and lockfile.
+4. Run focused and full verification.
+5. Document compatibility risks.
+
+Acceptance criteria:
+
+- Dependency change is justified.
+- Lockfile change is intentional.
+- No unrelated package churn is included.
+
+Verification:
+
+- Run install, tests, typecheck, and build.
+
+Handoff output:
+
+- Package changed
+- Risk notes
+- Rollback command

package/dist/templates/loops/docs.md

@@ -0,0 +1,35 @@
+# Docs Loop
+
+Use this loop when changing documentation.
+
+Required inputs:
+
+- Reader
+- Goal
+- Existing docs to update
+- Source of truth
+
+Process:
+
+1. Verify the documented behavior from code or commands.
+2. Write direct instructions.
+3. Remove stale or duplicate text.
+4. Check links and commands.
+5. Handoff with changed docs and assumptions.
+
+Acceptance criteria:
+
+- The reader can complete the task.
+- Commands and paths are accurate.
+- Limitations are stated plainly.
+
+Verification:
+
+- Run documented commands when practical.
+- Check Markdown links when tooling exists.
+
+Handoff output:
+
+- Docs changed
+- Commands verified
+- Claims not verified

package/dist/templates/loops/feature.md

@@ -0,0 +1,38 @@
+# Feature Loop
+
+Use this loop when adding user-visible behavior.
+
+Required inputs:
+
+- Problem statement
+- Desired outcome
+- Acceptance criteria
+- Files or areas likely to change
+- Files or areas not to touch
+
+Process:
+
+1. Specify the feature contract.
+2. Constrain public API, data, auth, and dependency changes.
+3. Plan a narrow implementation path.
+4. Implement the smallest useful feature.
+5. Verify with tests, typecheck, lint, and build when configured.
+6. Review the diff against the contract.
+7. Handoff with risks and rollback notes.
+
+Acceptance criteria:
+
+- User behavior is clear.
+- Edge cases are handled or documented.
+- No unrelated refactors are included.
+
+Verification:
+
+- Run configured test, lint, typecheck, and build commands.
+- Add or update tests when behavior changes.
+
+Handoff output:
+
+- PR summary
+- Verification report
+- Reviewer checklist

package/dist/templates/loops/migration.md

@@ -0,0 +1,35 @@
+# Migration Loop
+
+Use this loop when changing schemas, data migrations, or irreversible state.
+
+Required inputs:
+
+- Migration goal
+- Data affected
+- Rollback strategy
+- Human approval status
+
+Process:
+
+1. Stop for human review before irreversible changes.
+2. Define forward and rollback path.
+3. Add tests or dry-run commands where possible.
+4. Keep migration files focused.
+5. Verify application compatibility.
+
+Acceptance criteria:
+
+- Data risk is clear.
+- Rollback plan is explicit.
+- Deployment order is documented.
+
+Verification:
+
+- Run migration dry-run if available.
+- Run tests and build.
+
+Handoff output:
+
+- Migration notes
+- Rollback plan
+- Human review checklist

package/dist/templates/loops/refactor.md

@@ -0,0 +1,35 @@
+# Refactor Loop
+
+Use this loop when improving structure without changing behavior.
+
+Required inputs:
+
+- Current pain point
+- Behavior that must stay unchanged
+- Files in scope
+- Files out of scope
+
+Process:
+
+1. Identify behavior-preserving boundaries.
+2. Add characterization tests if coverage is thin.
+3. Refactor in small steps.
+4. Run verification after each risky step.
+5. Review the diff for accidental behavior changes.
+
+Acceptance criteria:
+
+- Public behavior stays the same.
+- Code becomes easier to read, test, or maintain.
+- No unrelated formatting churn is included.
+
+Verification:
+
+- Run existing tests.
+- Add focused tests if the refactor touches shared behavior.
+
+Handoff output:
+
+- Refactor intent
+- Safety evidence
+- Rollback notes

package/dist/templates/loops/release.md

@@ -0,0 +1,35 @@
+# Release Loop
+
+Use this loop when preparing a release.
+
+Required inputs:
+
+- Version target
+- Changelog entries
+- Package checks
+- Publish owner
+
+Process:
+
+1. Confirm working tree and branch.
+2. Run typecheck, tests, build, and pack.
+3. Update changelog and release notes.
+4. Review package contents.
+5. Handoff publish commands and risks.
+
+Acceptance criteria:
+
+- Package builds and packs.
+- Changelog matches shipped changes.
+- Release notes are reviewer-ready.
+
+Verification:
+
+- Run configured checks.
+- Run package dry-run or pack command.
+
+Handoff output:
+
+- Release checklist
+- Verification report
+- Publish notes

package/dist/templates/loops/security-review.md

@@ -0,0 +1,35 @@
+# Security Review Loop
+
+Use this loop when reviewing code for security risk.
+
+Required inputs:
+
+- Assets at risk
+- Trust boundaries
+- Auth, secrets, and data flows
+- Known threat model
+
+Process:
+
+1. Identify sensitive files and inputs.
+2. Check secret handling without reading secret values.
+3. Review auth, permissions, command execution, and dependency changes.
+4. Document findings with severity and evidence.
+5. Recommend narrow fixes.
+
+Acceptance criteria:
+
+- Findings cite files and behavior.
+- False positives are marked.
+- Fixes avoid broad rewrites.
+
+Verification:
+
+- Run tests.
+- Run audit tooling when configured.
+
+Handoff output:
+
+- Findings
+- Risk rating
+- Recommended fixes

package/dist/templates/loops/test-generation.md

@@ -0,0 +1,34 @@
+# Test Generation Loop
+
+Use this loop when adding or improving tests.
+
+Required inputs:
+
+- Behavior to protect
+- Current coverage gap
+- Target files
+- Verification command
+
+Process:
+
+1. Read the behavior and existing tests.
+2. Add focused tests that exercise real code.
+3. Avoid tests that only confirm mocks.
+4. Run the targeted test.
+5. Run the wider test command when available.
+
+Acceptance criteria:
+
+- Tests fail for the wrong behavior and pass for the right behavior.
+- Tests are readable and maintainable.
+
+Verification:
+
+- Run the new test file.
+- Run the configured test command.
+
+Handoff output:
+
+- Test coverage added
+- Behaviors protected
+- Gaps left open

package/dist/templates/policies/database-change-policy.md

@@ -0,0 +1,11 @@
+# Database Change Policy
+
+Treat schema and data changes as high-risk.
+
+Rules:
+
+- Ask for human review before irreversible migrations.
+- Document forward and rollback steps.
+- Do not edit production data from an agent session.
+- Keep migration files focused.
+- Run migration tests or dry-runs when available.

package/dist/templates/policies/dependency-change-policy.md

@@ -0,0 +1,11 @@
+# Dependency Change Policy
+
+Dependency changes must be intentional.
+
+Rules:
+
+- Explain why the dependency is needed.
+- Prefer small, maintained packages with clear licenses.
+- Avoid packages with install scripts unless reviewed.
+- Update lockfiles intentionally.
+- Run tests, typecheck, and build after the change.

package/dist/templates/policies/git-policy.md

@@ -0,0 +1,11 @@
+# Git Policy
+
+Agents must preserve user work.
+
+Rules:
+
+- Inspect status before broad edits.
+- Do not revert unrelated changes.
+- Do not rewrite history without explicit approval.
+- Keep diffs focused.
+- Summarize changed files before handoff.

package/dist/templates/policies/no-destructive-actions.md

@@ -0,0 +1,17 @@
+# No Destructive Actions Policy
+
+Agents must not delete files, reset branches, discard changes, rewrite history, or remove dependencies unless the user asks for that specific action.
+
+Allowed without extra approval:
+
+- Reading files
+- Creating task contracts, reports, and summaries
+- Editing files required by the task contract
+
+Requires explicit approval:
+
+- `git reset`
+- `git checkout --`
+- `rm -rf`
+- Dropping migrations or data
+- Replacing existing instructions wholesale

package/dist/templates/policies/public-api-change-policy.md

@@ -0,0 +1,11 @@
+# Public API Change Policy
+
+Public API changes require clear intent.
+
+Rules:
+
+- Preserve public APIs unless the task contract requires a change.
+- Document breaking changes.
+- Update README and docs for command or API changes.
+- Add tests for new public behavior.
+- Include migration notes when users must change their code.

package/dist/templates/policies/secrets-policy.md

@@ -0,0 +1,11 @@
+# Secrets Policy
+
+Agents must never expose secrets.
+
+Rules:
+
+- Do not read `.env` file contents.
+- If env files are detected, report paths only.
+- Do not print tokens, keys, cookies, or credentials.
+- Do not add secrets to generated reports.
+- Use placeholder names in docs.

package/dist/templates/policies/security-policy.md

@@ -0,0 +1,11 @@
+# Security Policy
+
+Agents must treat security-sensitive code with caution.
+
+Rules:
+
+- Do not read, print, or store secret values.
+- Do not add hidden network calls.
+- Do not add telemetry.
+- Review command execution paths for injection risk.
+- Check auth and permission changes with a human when behavior changes.

package/dist/templates/policies/ui-change-policy.md

@@ -0,0 +1,11 @@
+# UI Change Policy
+
+UI changes should serve the workflow.
+
+Rules:
+
+- Match existing design conventions.
+- Check responsive states.
+- Avoid copy that explains obvious controls.
+- Do not introduce unrelated redesigns.
+- Verify that text fits its container.