npm - agents-templated - Versions diffs - 2.2.14 → 2.2.16 - Mend

agents-templated 2.2.14 → 2.2.16

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/README.md CHANGED Viewed

@@ -32,6 +32,17 @@ Agents Templated is a project governance and agent-orchestration scaffold.
 - It installs rule modules in `.claude/rules/` for security, testing, planning, workflows, and guardrails.
 - It includes `validate`, `doctor`, `update`, and `workflow` commands to keep scaffolds healthy over time.
+## Orchestration-First Workflow (Current Model)
+The current model is orchestration-first: give one objective and let the CLI generate a deterministic multi-phase specialist handoff.
+- Use `agents-templated orchestrate "<objective>"` to run end-to-end routing.
+- Subagent selection is automatic and policy-driven from `CLAUDE.md`.
+- Mode-locked specialists require explicit mode handling (`qa-specialist`, `performance-specialist`).
+- Security escalation is conditionally mandatory based on trigger conditions.
+- Deprecated specialist aliases are redirected to canonical agents with explicit notices.
+- Orchestration stops on blocked/failed phases and returns structured stop conditions.
 What it is not:
 - Not a framework generator.
@@ -51,6 +62,7 @@ npx agents-templated@latest wizard
 ```bash
 agents-templated workflow
 agents-templated problem-map "daily briefing assistant for founders"
+agents-templated orchestrate "build auth API and admin dashboard"
 ```
 ### 3. Optional preset bootstrap
@@ -111,6 +123,7 @@ Your AI assistant will auto-load the configurations and follow enterprise patter
 | **Interactive Wizard** | Guided setup with personalized recommendations |
 | **AI Agents Supported** | Cursor, GitHub Copilot, Claude, and generic agents via `AGENTS.MD` |
 | **Deterministic Commands** | Slash-command contracts with strict structured outputs |
+| **Automatic Orchestration** | Objective-to-specialist auto-routing via `orchestrate` with deterministic phase outputs |
 | **Intent-Routing Ready** | Command schema supports `slash-command-auto` mode for agent-side routing policies |
 | **Security-First** | OWASP Top 10 protection patterns built-in |
 | **Hardening Workflow** | Risk-based hardening rules plus verification/release gates |
@@ -238,6 +251,7 @@ agents-templated list
 # Lifecycle workflow and specialist commands
 agents-templated workflow
+agents-templated orchestrate "build auth API and dashboard"
 ```
 ### Workflow Commands
@@ -260,6 +274,28 @@ These commands provide deterministic specialist guidance aligned to the sprint l
 Each command maps to deterministic contract files in `.claude/commands/` and uses the schema in `.claude/commands/SCHEMA.md`.
+### Automatic Orchestration Command
+Use orchestration when you want the system to chain specialists automatically from one objective.
+```bash
+# Human-readable orchestration summary
+agents-templated orchestrate "build auth API and dashboard"
+# Structured output for pipelines and automation
+agents-templated orchestrate "prepare production deployment" --json
+# Force a specific scenario
+agents-templated orchestrate "ship release candidate" --scenario deployment --json
+```
+Orchestration behavior:
+- Uses deterministic routing and phase sequencing.
+- Enforces mode-lock constraints for `qa-specialist` and `performance-specialist`.
+- Includes deprecation notices when legacy aliases are routed.
+- Emits structured stop conditions if a phase is blocked or fails.
 ### Deprecated Workflow Aliases
 The CLI keeps selected legacy names as non-breaking redirects with deterministic notices.

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "agents-templated",
-  "version": "2.2.14",
+  "version": "2.2.16",
   "description": "Technology-agnostic development template with multi-AI agent support (Cursor, Copilot, VSCode, Gemini), security-first patterns, and comprehensive testing guidelines",
   "main": "index.js",
   "bin": {

package/templates/CLAUDE.md CHANGED Viewed

@@ -50,28 +50,51 @@ Skills add capability only. They must not override security, testing, or core co
 | Subagent | Path | Invoke when... |
 |----------|------|----------------|
-| planner | `.claude/agents/planner.md` | Breaking down features into phased plans |
+| planner | `.claude/agents/planner.md` | Breaking down features into phased execution plans |
 | architect | `.claude/agents/architect.md` | System design decisions, ADRs, trade-off analysis |
-| tdd-guide | `.claude/agents/tdd-guide.md` | Writing tests before implementation |
-| code-reviewer | `.claude/agents/code-reviewer.md` | Reviewing code for quality and correctness |
-| security-reviewer | `.claude/agents/security-reviewer.md` | Scanning for security vulnerabilities |
-| build-error-resolver | `.claude/agents/build-error-resolver.md` | Fixing build and type errors |
-| e2e-runner | `.claude/agents/e2e-runner.md` | Running Playwright E2E test suites |
-| refactor-cleaner | `.claude/agents/refactor-cleaner.md` | Removing dead code and unused dependencies |
-| doc-updater | `.claude/agents/doc-updater.md` | Syncing docs and READMEs after code changes |
-| performance-profiler | `.claude/agents/performance-profiler.md` | Diagnosing latency, CPU, memory, and build bottlenecks |
-| performance-specialist | `.claude/agents/performance-specialist.md` | Diagnosing bottlenecks or validating performance thresholds with explicit mode |
-| test-data-builder | `.claude/agents/test-data-builder.md` | Building deterministic fixtures, seeds, and mock datasets for downstream validation |
-| dependency-auditor | `.claude/agents/dependency-auditor.md` | Auditing package risk, CVEs, and upgrade hygiene |
-| configuration-validator | `.claude/agents/configuration-validator.md` | Validating env settings, defaults, and deploy readiness |
+| backend-specialist | `.claude/agents/backend-specialist.md` | Implementing backend features, APIs, and server-side logic |
+| frontend-specialist | `.claude/agents/frontend-specialist.md` | Implementing UI, interaction, accessibility, and client-side state |
 | database-migrator | `.claude/agents/database-migrator.md` | Planning safe migrations with validation and rollback gates |
-| load-tester | `.claude/agents/load-tester.md` | Designing load tests with thresholds and pass/fail criteria |
-| compatibility-checker | `.claude/agents/compatibility-checker.md` | Reviewing API contract compatibility and versioning impact |
-| backend-specialist | `.claude/agents/backend-specialist.md` | Implementing backend-focused phases in orchestrated execution |
-| frontend-specialist | `.claude/agents/frontend-specialist.md` | Implementing frontend-focused phases in orchestrated execution |
-| qa-specialist | `.claude/agents/qa-specialist.md` | Running test and regression validation phases |
-| release-ops-specialist | `.claude/agents/release-ops-specialist.md` | Managing release hardening and operational readiness phases |
-| deployment-specialist | `.claude/agents/deployment-specialist.md` | Handling deployment planning, rollout checks, and rollback readiness |
+| deployment-specialist | `.claude/agents/deployment-specialist.md` | Deployment planning, config validation, rollout, and rollback |
+| performance-specialist | `.claude/agents/performance-specialist.md` | Bottleneck diagnosis (mode=profile) or load threshold validation (mode=load) |
+| qa-specialist | `.claude/agents/qa-specialist.md` | Pre-implementation test planning (mode=design) or post-implementation validation (mode=validation) |
+| e2e-runner | `.claude/agents/e2e-runner.md` | Running end-to-end test suites and reporting flakiness |
+| code-reviewer | `.claude/agents/code-reviewer.md` | Reviewing code for quality, correctness, and severity prioritization |
+| security-reviewer | `.claude/agents/security-reviewer.md` | Security risk gating — invoke when authn/authz, secrets, or new public endpoints are touched |
+| refactor-cleaner | `.claude/agents/refactor-cleaner.md` | Removing dead code and unused dependencies in approved cleanup windows |
+| build-error-resolver | `.claude/agents/build-error-resolver.md` | Fixing compile, type, lint, and import failures only |
+| compatibility-checker | `.claude/agents/compatibility-checker.md` | API contract compatibility and breaking-change verdicts |
+| dependency-auditor | `.claude/agents/dependency-auditor.md` | Auditing package risk, CVEs, and upgrade hygiene |
+| doc-updater | `.claude/agents/doc-updater.md` | Syncing docs and READMEs after accepted behavior changes |
+| test-data-builder | `.claude/agents/test-data-builder.md` | Building deterministic fixtures, seeds, and mock datasets |
+### Subagent Auto-Routing Rules
+When a task is received, automatically select and invoke the appropriate subagent(s) without waiting for explicit instruction. Follow these rules:
+- Always read `.claude/agents/<name>.md` before invoking that subagent to confirm its contract.
+- For multi-step tasks, chain subagents in dependency order — do not invoke all at once.
+- qa-specialist MUST be invoked with explicit mode:
+   - mode=design for pre-implementation test planning
+   - mode=validation for post-implementation sign-off
+   - If mode is unclear, HALT and ask before proceeding.
+- performance-specialist MUST be invoked with explicit mode:
+   - mode=profile for bottleneck diagnosis
+   - mode=load for threshold validation
+   - If mode is unclear, HALT and ask before proceeding.
+- security-reviewer is mandatory when any of these are true:
+   - Authentication, authorization, or session logic is touched
+   - A new public endpoint is added
+   - Secrets, credentials, or environment variables are changed
+   - dependency-auditor reports a High or Critical finding
+- deployment-specialist always runs internal phases in order:
+   release_readiness → config_validation → rollout_execution
+   Never skip or reorder phases.
+- build-error-resolver handles compile/lint/type failures only.
+   Do not route feature or architecture decisions through it.
+- refactor-cleaner max retry cap is 2 cycles. If build still fails after 2 cycles, HALT and escalate to the feature owner.
+- Deprecated agent names (tdd-guide, load-tester, performance-profiler, release-ops-specialist, configuration-validator) must redirect to their canonical replacements with a deprecation warning.
+   Never invoke deprecated agents directly.
 Subagents are bounded agents with limited tool access. They inherit all policy from this file and may not override security, testing, or core constraints.