agents-templated 2.2.11 → 2.2.12

package/agents/commands/scope-shape.md

@@ -1,33 +1,58 @@
-# /scope-shape
-
-## A. Intent
-Constrain scope to the smallest high-leverage release that still proves value.
-
-## B. When to Use
-Use after problem framing and before architecture planning.
-
-## C. Required Inputs
-- Problem frame
-- Candidate feature list
-- Delivery constraints
-
-## D. Deterministic Execution Flow
-1. Rank features by impact and effort.
-2. Define must-have vs defer list.
-3. Freeze first-release boundaries.
-4. Add explicit out-of-scope items.
-5. Emit scope decision rationale.
-
-## E. Structured Output Template
-- `scope_in[]`
-- `scope_out[]`
-- `tradeoffs[]`
-- `release_goal`
-- `defer_queue[]`
-
-## F. Stop Conditions
-- Scope still exceeds constraints.
-- No out-of-scope list produced.
-
-## G. Safety Constraints
-- Prefer one reversible release over broad irreversible scope.
+# /scope-shape
+
+## A. Intent
+Constrain delivery scope to the smallest high-value reversible release.
+
+## B. When to Use
+- Use after problem framing and before architectural design.
+- Do not use when requirements are already contractually frozen.
+
+## C. Context Assumptions
+- Problem map exists.
+- Candidate feature list exists.
+- Delivery constraints are known.
+
+## D. Required Inputs
+| Input | Type | Example |
+|---------------------|------------|----------------------------------|
+| `scope_goal` | string | "ship MVP in 2 weeks" |
+| `candidate_items` | string[] | ["email login", "social login", "tutorial"] |
+| `constraint_artifact` | artifact | timeline doc, staffing snapshot |
+
+## E. Pre-Execution Guards <- fail fast, check ALL before running
+- [ ] scope goal is explicit
+- [ ] candidate items are ranked
+- [ ] out-of-scope list can be produced
+
+## F. Execution Flow
+1. Rank candidate items by value and effort.
+2. Draft in-scope and out-of-scope sets.
+3. Check scope against constraints.
+4. Decision point ->
+   - condition A -> scope exceeds constraints -> trim to MVP
+   - condition B ->  feasible scope -> continue.
+5. Build scope rationale and tradeoffs.
+6. Emit scope decision package.
+
+## G. Output Schema
+
+```json
+{
+  "scope_id": "string",
+  "scope_in": ["array","of","strings"],
+  "confidence": "low | medium | high",
+  "scope_out": "string | null"
+}
+```
+
+## H. Output Target
+- Default delivery: stdout
+- Override flag: --output=<target>
+
+## I. Stop Conditions <- abort with error message, never emit partial output
+- scope cannot satisfy constraints
+- no explicit out-of-scope definition is produced
+
+## J. Safety Constraints
+- Hard block: hard block on hidden scope creep
+- Warn only: warn when deferred items carry significant risk

package/agents/commands/task.md

@@ -1,35 +1,58 @@
-# /task
-
-## A. Intent
-Convert a plan item into a deterministic execution task.
-
-## B. When to Use
-Use for bounded work with clear acceptance criteria.
-
-## C. Required Inputs
-- Task identifier
-- Acceptance criteria
-- Allowed scope
-
-## D. Deterministic Execution Flow
-1. Resolve task identifier.
-2. Validate acceptance criteria completeness.
-3. Validate scope boundaries.
-4. Define execution steps.
-5. Define verification steps.
-6. Emit task contract.
-
-## E. Structured Output Template
-- `task_id`
-- `objective`
-- `allowed_scope`
-- `execution_steps[]`
-- `verification_steps[]`
-- `acceptance_criteria[]`
-
-## F. Stop Conditions
-- Unknown task identifier.
-- Missing acceptance criteria.
-
-## G. Safety Constraints
-- Reject out-of-scope changes.
+# /task
+
+## A. Intent
+Convert approved plans into deterministic, execution-ready task batches.
+
+## B. When to Use
+- Use when a plan exists and work must be distributed to implementers.
+- Do not use before planning is complete.
+
+## C. Context Assumptions
+- An approved plan exists.
+- Owners and execution context are known.
+- Dependencies can be sequenced.
+
+## D. Required Inputs
+| Input | Type | Example |
+|---------------------|------------|----------------------------------|
+| `plan_id` | string | "plan-2026-04-03" |
+| `task_scope` | string[] | ["api", "ui", "tests"] |
+| `source_artifacts` | artifact | plan file path or issue board URL |
+
+## E. Pre-Execution Guards <- fail fast, check ALL before running
+- [ ] plan exists and is approved
+- [ ] task scope maps to explicit plan items
+- [ ] dependency order is resolvable
+
+## F. Execution Flow
+1. Read plan outputs and dependency graph.
+2. Split work into atomic tasks.
+3. Assign execution order and ownership metadata.
+4. Decision point ->
+   - condition A -> blocking dependency found -> move item to blocked queue
+   - condition B ->  no blockers -> keep in active queue.
+5. Build task package with acceptance checks.
+6. Emit task list and execution order.
+
+## G. Output Schema
+
+```json
+{
+  "task_batch_id": "string",
+  "tasks": ["array","of","strings"],
+  "priority": "low | medium | high",
+  "blocker": "string | null"
+}
+```
+
+## H. Output Target
+- Default delivery: stdout
+- Override flag: --output=<target>
+
+## I. Stop Conditions <- abort with error message, never emit partial output
+- plan_id is missing or invalid
+- critical dependency cannot be resolved
+
+## J. Safety Constraints
+- Hard block: no task emission without traceability to a plan item
+- Warn only: warn when owner assignment is temporary

package/agents/commands/test.md

@@ -1,34 +1,58 @@
-# /test
-
-## A. Intent
-Generate or execute deterministic test plans and test artifacts.
-
-## B. When to Use
-Use for feature validation, regression prevention, and release readiness.
-
-## C. Required Inputs
-- Target scope
-- Test level
-- Expected behavior
-
-## D. Deterministic Execution Flow
-1. Resolve test scope.
-2. Map behavior to test cases.
-3. Execute or generate tests.
-4. Capture pass/fail artifacts.
-5. Classify failures.
-6. Emit test report.
-
-## E. Structured Output Template
-- `scope`
-- `test_matrix[]`
-- `execution_results[]`
-- `coverage_delta`
-- `failures[]`
-
-## F. Stop Conditions
-- Unavailable runtime.
-- Undefined scope.
-
-## G. Safety Constraints
-- Do not mark success if critical tests are skipped.
+# /test
+
+## A. Intent
+Run deterministic validation and gate release readiness based on test evidence.
+
+## B. When to Use
+- Use when validating behavior after implementation or before merge/release.
+- This command now includes quality-gate behavior; do not use /quality-gate.
+
+## C. Context Assumptions
+- Test targets are defined.
+- Required environments are available.
+- Pass/fail criteria are explicit.
+
+## D. Required Inputs
+| Input | Type | Example |
+|---------------------|------------|----------------------------------|
+| `test_scope` | string | "api regression" |
+| `test_suites` | string[] | ["unit", "integration", "critical-flow"] |
+| `evidence_artifact` | artifact | test report path or CI run URL |
+
+## E. Pre-Execution Guards <- fail fast, check ALL before running
+- [ ] test scope is non-empty
+- [ ] critical test suites are executable
+- [ ] pass criteria are declared
+
+## F. Execution Flow
+1. Collect test targets and runtime config.
+2. Execute suites in deterministic order.
+3. Aggregate results and failures.
+4. Decision point ->
+   - condition A -> critical failures present -> gate = blocked
+   - condition B ->  no critical failures -> gate = pass.
+5. Build validation evidence and remediation list.
+6. Emit test and gate report.
+
+## G. Output Schema
+
+```json
+{
+  "test_run_id": "string",
+  "results": ["array","of","strings"],
+  "gate_status": "low | medium | high",
+  "blocker": "string | null"
+}
+```
+
+## H. Output Target
+- Default delivery: stdout
+- Override flag: --output=<target>
+
+## I. Stop Conditions <- abort with error message, never emit partial output
+- critical test suite cannot run
+- result schema cannot be produced
+
+## J. Safety Constraints
+- Hard block: hard block when critical flow tests fail
+- Warn only: warn when flaky tests are excluded with justification

package/agents/commands/ux-bar.md

@@ -1,33 +1,58 @@
-# /ux-bar
-
-## A. Intent
-Set a minimum UX quality bar with clear criteria before UI implementation.
-
-## B. When to Use
-Use when a feature has user-facing interaction or visual design impact.
-
-## C. Required Inputs
-- Target user flow
-- Existing design language
-- Accessibility requirements
-
-## D. Deterministic Execution Flow
-1. Evaluate key interaction states.
-2. Check visual hierarchy and clarity.
-3. Validate accessibility coverage.
-4. Identify UX risks and gaps.
-5. Emit UX quality checklist.
-
-## E. Structured Output Template
-- `ux_scorecard[]`
-- `interaction_states[]`
-- `accessibility_checks[]`
-- `ux_gaps[]`
-- `improvements[]`
-
-## F. Stop Conditions
-- Critical flow has undefined state handling.
-- Accessibility constraints are missing.
-
-## G. Safety Constraints
-- Preserve existing design system patterns unless an explicit redesign is approved.
+# /ux-bar
+
+## A. Intent
+Assess UX quality bar and guarantee core interaction states are defined before build.
+
+## B. When to Use
+- Use when UX quality and accessibility need pre-implementation validation.
+- Do not use as a replacement for visual design exploration.
+
+## C. Context Assumptions
+- Scope and architecture are available.
+- Primary user flows are identified.
+- Design references exist.
+
+## D. Required Inputs
+| Input | Type | Example |
+|---------------------|------------|----------------------------------|
+| `ux_goal` | string | "reduce checkout friction" |
+| `flows` | string[] | ["cart", "payment", "confirmation"] |
+| `design_artifact` | artifact | wireframes, Figma link, screenshots |
+
+## E. Pre-Execution Guards <- fail fast, check ALL before running
+- [ ] critical flows are enumerated
+- [ ] interaction states include loading/error/empty
+- [ ] accessibility checks are defined
+
+## F. Execution Flow
+1. Review flows and interaction states.
+2. Evaluate accessibility and usability risks.
+3. Score UX gaps by severity.
+4. Decision point ->
+   - condition A -> critical UX gap -> block readiness
+   - condition B ->  manageable gaps -> continue.
+5. Build prioritized improvement list.
+6. Emit UX quality package.
+
+## G. Output Schema
+
+```json
+{
+  "ux_review_id": "string",
+  "ux_gaps": ["array","of","strings"],
+  "severity": "low | medium | high",
+  "blocker": "string | null"
+}
+```
+
+## H. Output Target
+- Default delivery: stdout
+- Override flag: --output=<target>
+
+## I. Stop Conditions <- abort with error message, never emit partial output
+- critical flow lacks defined interaction states
+- accessibility baseline is not addressed
+
+## J. Safety Constraints
+- Hard block: hard block on unaddressed critical accessibility failures
+- Warn only: warn when medium UX issues are deferred

package/lib/workflow.js

@@ -48,20 +48,12 @@ const WORKFLOW_COMMANDS = [
     description: 'Run a production-risk review on active changes.'
   },
   {
-    cli: 'quality-gate',
-    slash: '/quality-gate',
-    purpose: 'quality-gating',
-    specialist: 'Quality Gatekeeper',
-    contract: 'test.md',
-    description: 'Validate behavior, capture regressions, and enforce quality gates.'
-  },
-  {
-    cli: 'perf-scan',
-    slash: '/perf-scan',
-    purpose: 'performance-regression-check',
+    cli: 'perf',
+    slash: '/perf',
+    purpose: 'performance-optimization-and-regression-check',
     specialist: 'Performance Analyst',
     contract: 'perf.md',
-    description: 'Record baseline performance and compare before/after changes.'
+    description: 'Optimize performance and validate baseline-vs-candidate regression safety.'
   },
   {
     cli: 'release-ready',
@@ -72,12 +64,12 @@ const WORKFLOW_COMMANDS = [
     description: 'Prepare release branch, tests, and release checklist artifacts.'
   },
   {
-    cli: 'docs-sync',
-    slash: '/docs-sync',
-    purpose: 'documentation-synchronization',
+    cli: 'docs',
+    slash: '/docs',
+    purpose: 'documentation-update-and-synchronization',
     specialist: 'Documentation Engineer',
     contract: 'docs.md',
-    description: 'Update README and architecture docs to match shipped behavior.'
+    description: 'Update and synchronize README and architecture docs to match shipped behavior.'
   },
   {
     cli: 'learn-loop',
@@ -94,9 +86,7 @@ const CONTRACT_FILES = [
   'README.md',
   'plan.md',
   'task.md',
-  'scaffold.md',
   'fix.md',
-  'refactor.md',
   'audit.md',
   'perf.md',
   'test.md',
@@ -112,10 +102,7 @@ const SPECIALIST_CONTRACT_FILES = [
   'ux-bar.md',
   'debug-track.md',
   'risk-review.md',
-  'quality-gate.md',
-  'perf-scan.md',
   'release-ready.md',
-  'docs-sync.md',
   'learn-loop.md'
 ];
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "agents-templated",
-  "version": "2.2.11",
+  "version": "2.2.12",
   "description": "Technology-agnostic development template with multi-AI agent support (Cursor, Copilot, VSCode, Gemini), security-first patterns, and comprehensive testing guidelines",
   "main": "index.js",
   "bin": {

package/templates/CLAUDE.md

@@ -32,6 +32,9 @@ All policy, routing, and skill governance lives here — edit this file directly
 |-------|------|------------------|
 | app-hardening | `.github/skills/app-hardening/SKILL.md` | Hardening, anti-tamper, integrity controls |
 | bug-triage | `.github/skills/bug-triage/SKILL.md` | Something is broken, failing, or crashing |
+| debug-skill | `.github/skills/debug-skill/SKILL.md` | Breakpoint-first debugging, execution tracing, state inspection |
+| secure-code-guardian | `.github/skills/secure-code-guardian/SKILL.md` | Secure-by-default coding for auth, secrets, and user input |
+| feature-forge | `.github/skills/feature-forge/SKILL.md` | Turn feature ideas into execution-ready requirements and acceptance criteria |
 | error-patterns | `.github/skills/error-patterns/SKILL.md` | Debugging with persistent lessons memory and automatic fix recording |
 | feature-delivery | `.github/skills/feature-delivery/SKILL.md` | Build/add/implement feature work |
 | find-skills | `.github/skills/find-skills/SKILL.md` | User asks to discover a skill |

package/templates/README.md

@@ -237,10 +237,9 @@ These commands provide deterministic specialist guidance aligned to the sprint l
 | `ux-bar` | Design Quality Lead | Raise UX quality before implementation |
 | `debug-track` | Root-Cause Investigator | Reproduce and isolate root cause |
 | `risk-review` | Release Risk Reviewer | Surface production-risk issues before merge |
-| `quality-gate` | Quality Gatekeeper | Validate behavior and regression safety |
-| `perf-scan` | Performance Analyst | Capture performance baseline and deltas |
+| `perf` | Performance Analyst | Optimize performance and guard against regressions |
 | `release-ready` | Release Coordinator | Prepare release artifacts and final checks |
-| `docs-sync` | Documentation Engineer | Sync docs with shipped behavior |
+| `docs` | Documentation Engineer | Sync docs with shipped behavior |
 | `learn-loop` | Iteration Lead | Capture lessons and next-cycle actions |
 
 Each command maps to deterministic contract files in `agents/commands/` and uses the schema in `agents/commands/SCHEMA.md`.

package/templates/agents/commands/README.md

@@ -7,9 +7,7 @@ This directory is the modular source of truth for slash-command execution contra
 - Command contracts:
   - `plan.md`
   - `task.md`
-  - `scaffold.md`
   - `fix.md`
-  - `refactor.md`
   - `audit.md`
   - `perf.md`
   - `test.md`
@@ -22,10 +20,7 @@ This directory is the modular source of truth for slash-command execution contra
   - `ux-bar.md`
   - `debug-track.md`
   - `risk-review.md`
-  - `quality-gate.md`
-  - `perf-scan.md`
   - `release-ready.md`
-  - `docs-sync.md`
   - `learn-loop.md`
 
 Execution requirements:
@@ -58,10 +53,9 @@ Use these lifecycle commands as the recommended specialist sequence:
 - `ux-bar` -> `plan.md`
 - `debug-track` -> `fix.md`
 - `risk-review` -> `audit.md`
-- `quality-gate` -> `test.md`
-- `perf-scan` -> `perf.md`
+- `perf` -> `perf.md`
 - `release-ready` -> `release.md`
-- `docs-sync` -> `docs.md`
+- `docs` -> `docs.md`
 - `learn-loop` -> `task.md`
 
 The CLI command `agents-templated workflow` prints this lifecycle in order:

package/templates/agents/commands/arch-check.md

@@ -1,33 +1,58 @@
-# /arch-check
-
-## A. Intent
-Validate architecture decisions, dependency boundaries, and failure handling before coding.
-
-## B. When to Use
-Use after scope lock and before implementation starts.
-
-## C. Required Inputs
-- Scoped feature set
-- Existing system boundaries
-- Non-functional requirements
-
-## D. Deterministic Execution Flow
-1. Map data and control flow.
-2. Identify component boundaries.
-3. Enumerate failure modes.
-4. Define testing and validation checkpoints.
-5. Emit architecture decision set.
-
-## E. Structured Output Template
-- `architecture_summary`
-- `boundaries[]`
-- `data_flow`
-- `failure_modes[]`
-- `validation_plan[]`
-
-## F. Stop Conditions
-- Critical dependency unclear.
-- Failure modes not covered.
-
-## G. Safety Constraints
-- Include security and testing gates for each critical path.
+# /arch-check
+
+## A. Intent
+Validate architecture readiness and implementation constraints before build begins.
+
+## B. When to Use
+- Use after scope lock and before implementation starts.
+- Do not use for post-release retrospectives.
+
+## C. Context Assumptions
+- Scope is frozen for current increment.
+- Architecture options are documented.
+- Test strategy can be defined.
+
+## D. Required Inputs
+| Input | Type | Example |
+|---------------------|------------|----------------------------------|
+| `architecture_goal` | string | "multi-tenant API isolation" |
+| `design_options` | string[] | ["shared schema", "schema-per-tenant"] |
+| `design_artifact` | artifact | ADR doc, sequence diagram |
+
+## E. Pre-Execution Guards <- fail fast, check ALL before running
+- [ ] design options are comparable
+- [ ] key edge cases are identified
+- [ ] test strategy exists for selected design
+
+## F. Execution Flow
+1. Review architecture options and constraints.
+2. Evaluate edge cases and failure modes.
+3. Validate selected option against requirements.
+4. Decision point ->
+   - condition A -> critical gap found -> block readiness
+   - condition B ->  no critical gaps -> continue.
+5. Build architecture decision and test implications.
+6. Emit architecture readiness report.
+
+## G. Output Schema
+
+```json
+{
+  "architecture_id": "string",
+  "decisions": ["array","of","strings"],
+  "risk_level": "low | medium | high",
+  "blocker": "string | null"
+}
+```
+
+## H. Output Target
+- Default delivery: stdout
+- Override flag: --output=<target>
+
+## I. Stop Conditions <- abort with error message, never emit partial output
+- selected architecture lacks testable validation path
+- critical edge case has no mitigation
+
+## J. Safety Constraints
+- Hard block: hard block on architecture with unresolved critical failure modes
+- Warn only: warn when non-critical tradeoffs are accepted