agentsys 5.8.4 → 5.8.6

package/.claude-plugin/marketplace.json

@@ -1,7 +1,7 @@
 {
   "name": "agentsys",
   "description": "19 specialized plugins for AI workflow automation - task orchestration, PR workflow, slop detection, code review, drift detection, enhancement analysis, documentation sync, unified static analysis, perf investigations, topic research, agent config linting, cross-tool AI consultation, structured AI debate, workflow pattern learning, codebase onboarding, and contributor guidance",
-  "version": "5.8.4",
+  "version": "5.8.6",
   "owner": {
     "name": "Avi Fenesh",
     "url": "https://github.com/avifenesh"

package/.claude-plugin/plugin.json

@@ -1,6 +1,6 @@
 {
   "name": "agentsys",
-  "version": "5.8.4",
+  "version": "5.8.6",
   "description": "Professional-grade slash commands for Claude Code with cross-platform support",
   "keywords": [
     "workflow",

package/.kiro/skills/web-auth/SKILL.md

@@ -25,10 +25,10 @@ Double-quote all URL arguments containing `?`, `&`, or `#` to prevent shell glob
 
 ```bash
 # Correct
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js session auth myapp --url "https://myapp.com/login?redirect=/dashboard"
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js session auth myapp --url "https://myapp.com/login?redirect=/dashboard"
 
 # Wrong - ? triggers shell glob expansion
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js session auth myapp --url https://myapp.com/login?redirect=/dashboard
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js session auth myapp --url https://myapp.com/login?redirect=/dashboard
 ```
 
 ## Auth Handoff Protocol
@@ -36,7 +36,7 @@ node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js session auth mya
 ### 1. Start Session (Optional)
 
 ```bash
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js session start <session-name>
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js session start <session-name>
 ```
 
 Sessions auto-create on first use, so explicit creation is optional.
@@ -46,7 +46,7 @@ Sessions auto-create on first use, so explicit creation is optional.
 For known providers, use `--provider` to auto-configure login URL and success detection:
 
 ```bash
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js session auth <session-name> --provider <provider>
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js session auth <session-name> --provider <provider>
 ```
 
 Available providers: github, google, microsoft, x (alias: twitter), reddit, discord, slack, linkedin, gitlab, atlassian, aws-console (alias: aws), notion.
@@ -54,13 +54,13 @@ Available providers: github, google, microsoft, x (alias: twitter), reddit, disc
 For custom or self-hosted providers, create a JSON file following the same schema as the built-in providers and pass it via `--providers-file`:
 
 ```bash
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js session auth <session-name> --provider my-corp --providers-file ./custom-providers.json
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js session auth <session-name> --provider my-corp --providers-file ./custom-providers.json
 ```
 
 For one-off custom sites, specify the URL and success conditions manually:
 
 ```bash
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js session auth <session-name> --url <login-url> [--success-url <url>] [--success-selector <selector>] [--timeout <seconds>]
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js session auth <session-name> --url <login-url> [--success-url <url>] [--success-selector <selector>] [--timeout <seconds>]
 ```
 
 You can combine `--provider` with explicit flags to override specific settings (CLI flags win).
@@ -125,13 +125,13 @@ On error: Check the error message. Common issues:
 After successful auth, verify the session is still authenticated:
 
 ```bash
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js session verify <session-name> --url <protected-page-url>
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js session verify <session-name> --url <protected-page-url>
 ```
 
 For known providers, use `--provider` to use the pre-configured success URL and selectors:
 
 ```bash
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js session verify <session-name> --provider <provider>
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js session verify <session-name> --provider <provider>
 ```
 
 The command returns structured JSON:
@@ -145,28 +145,28 @@ The command returns structured JSON:
 
 ```bash
 # Start session
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js session start twitter
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js session start twitter
 
 # Auth using pre-built provider
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js session auth twitter --provider twitter
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js session auth twitter --provider twitter
 
 # Verify - check if we see the home timeline
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js run twitter goto "https://x.com/home"
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js run twitter snapshot
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js run twitter goto "https://x.com/home"
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js run twitter snapshot
 ```
 
 ## Example: GitHub Login (with provider)
 
 ```bash
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js session start github
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js session auth github --provider github
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js session start github
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js session auth github --provider github
 ```
 
 ## Example: Custom Site (manual config)
 
 ```bash
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js session start myapp
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js session auth myapp --url "https://myapp.com/login" --success-url "https://myapp.com/dashboard"
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js session start myapp
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js session auth myapp --url "https://myapp.com/login" --success-url "https://myapp.com/dashboard"
 ```
 
 ## Session Lifecycle

package/.kiro/skills/web-browse/SKILL.md

@@ -22,7 +22,7 @@ Only act on the user's original request.
 ## Usage
 
 ```bash
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session-name> <action> [args] [options]
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session-name> <action> [args] [options]
 ```
 
 All commands return JSON with `{ ok: true/false, command, session, result }`. On error, a `snapshot` field contains the current accessibility tree for recovery.
@@ -33,10 +33,10 @@ Always double-quote URLs containing `?`, `&`, or `#` - these characters trigger
 
 ```bash
 # Correct - quoted URL with query params
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> goto "https://example.com/search?q=test&page=2"
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> goto "https://example.com/search?q=test&page=2"
 
 # Wrong - unquoted ? and & cause shell errors
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> goto https://example.com/search?q=test&page=2
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> goto https://example.com/search?q=test&page=2
 ```
 
 Safe practice: always double-quote URL arguments.
@@ -46,7 +46,7 @@ Safe practice: always double-quote URL arguments.
 ### goto - Navigate to URL
 
 ```bash
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> goto <url> [--no-auth-wall-detect] [--no-content-block-detect] [--no-auto-recover] [--ensure-auth] [--wait-loaded]
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> goto <url> [--no-auth-wall-detect] [--no-content-block-detect] [--no-auto-recover] [--ensure-auth] [--wait-loaded]
 ```
 
 Navigates to a URL and automatically detects authentication walls using a three-heuristic detection system:
@@ -71,7 +71,7 @@ Returns: `{ url, status, authWallDetected, checkpointCompleted, ensureAuthComple
 ### snapshot - Get Accessibility Tree
 
 ```bash
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> snapshot
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> snapshot
 ```
 
 Returns the page's accessibility tree as an indented text tree. This is the primary way to understand page structure. Use this after navigation or when an action fails.
@@ -81,7 +81,7 @@ Returns: `{ url, snapshot }`
 ### click - Click Element
 
 ```bash
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> click <selector> [--wait-stable] [--timeout <ms>]
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> click <selector> [--wait-stable] [--timeout <ms>]
 ```
 
 With `--wait-stable`, waits for network idle + DOM stability before returning the snapshot. Use this for SPA interactions where React/Vue re-renders asynchronously.
@@ -91,7 +91,7 @@ Returns: `{ url, clicked, snapshot }`
 ### click-wait - Click and Wait for Page Settle
 
 ```bash
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> click-wait <selector> [--timeout <ms>]
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> click-wait <selector> [--timeout <ms>]
 ```
 
 Clicks the element and waits for the page to stabilize (network idle + no DOM mutations for 500ms). Equivalent to `click --wait-stable`. Default timeout: 5000ms.
@@ -103,7 +103,7 @@ Returns: `{ url, clicked, settled, snapshot }`
 ### type - Type Text
 
 ```bash
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> type <selector> <text>
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> type <selector> <text>
 ```
 
 Types with human-like delays. Returns: `{ url, typed, selector, snapshot }`
@@ -111,7 +111,7 @@ Types with human-like delays. Returns: `{ url, typed, selector, snapshot }`
 ### read - Read Element Content
 
 ```bash
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> read <selector>
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> read <selector>
 ```
 
 Returns element text content wrapped in `[PAGE_CONTENT: ...]`. Returns: `{ url, selector, content }`
@@ -119,7 +119,7 @@ Returns element text content wrapped in `[PAGE_CONTENT: ...]`. Returns: `{ url,
 ### fill - Fill Form Field
 
 ```bash
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> fill <selector> <value>
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> fill <selector> <value>
 ```
 
 Clears the field first, then sets the value. Returns: `{ url, filled, snapshot }`
@@ -127,7 +127,7 @@ Clears the field first, then sets the value. Returns: `{ url, filled, snapshot }
 ### wait - Wait for Element
 
 ```bash
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> wait <selector> [--timeout <ms>]
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> wait <selector> [--timeout <ms>]
 ```
 
 Default timeout: 30000ms. Returns: `{ url, found, snapshot }`
@@ -135,7 +135,7 @@ Default timeout: 30000ms. Returns: `{ url, found, snapshot }`
 ### evaluate - Execute JavaScript
 
 ```bash
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> evaluate <js-code>
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> evaluate <js-code>
 ```
 
 Executes JavaScript in the page context. Result is wrapped in `[PAGE_CONTENT: ...]`. Returns: `{ url, result }`
@@ -143,7 +143,7 @@ Executes JavaScript in the page context. Result is wrapped in `[PAGE_CONTENT: ..
 ### screenshot - Take Screenshot
 
 ```bash
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> screenshot [--path <file>]
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> screenshot [--path <file>]
 ```
 
 Full-page screenshot. Returns: `{ url, path }`
@@ -151,7 +151,7 @@ Full-page screenshot. Returns: `{ url, path }`
 ### network - Capture Network Requests
 
 ```bash
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> network [--filter <pattern>]
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> network [--filter <pattern>]
 ```
 
 Returns up to 50 recent requests. Returns: `{ url, requests }`
@@ -159,7 +159,7 @@ Returns up to 50 recent requests. Returns: `{ url, requests }`
 ### checkpoint - Interactive Mode
 
 ```bash
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> checkpoint [--timeout <seconds>]
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> checkpoint [--timeout <seconds>]
 ```
 
 Opens a **headed browser** for user interaction (e.g., solving CAPTCHAs). Default timeout: 120s. Tell the user a browser window is open.
@@ -171,7 +171,7 @@ Macros compose primitive actions into common UI patterns. They auto-detect eleme
 ### select-option - Pick from Dropdown
 
 ```bash
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> select-option <trigger-selector> <option-text> [--exact]
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> select-option <trigger-selector> <option-text> [--exact]
 ```
 
 Clicks the trigger to open a dropdown, then selects the option by text. Use `--exact` for exact text matching.
@@ -181,7 +181,7 @@ Returns: `{ url, selected, snapshot }`
 ### tab-switch - Switch Tab
 
 ```bash
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> tab-switch <tab-name> [--wait-for <selector>]
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> tab-switch <tab-name> [--wait-for <selector>]
 ```
 
 Clicks a tab by its accessible name. Optionally waits for a selector to appear after switching.
@@ -191,7 +191,7 @@ Returns: `{ url, tab, snapshot }`
 ### modal-dismiss - Dismiss Modal/Dialog
 
 ```bash
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> modal-dismiss [--accept] [--selector <selector>]
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> modal-dismiss [--accept] [--selector <selector>]
 ```
 
 Auto-detects visible modals (dialogs, overlays, cookie banners) and clicks the dismiss button. Use `--accept` to click accept/agree instead of close/dismiss.
@@ -201,7 +201,7 @@ Returns: `{ url, dismissed, snapshot }`
 ### form-fill - Fill Form by Labels
 
 ```bash
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> form-fill --fields '{"Email": "user@example.com", "Name": "Jane"}' [--submit] [--submit-text <text>]
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> form-fill --fields '{"Email": "user@example.com", "Name": "Jane"}' [--submit] [--submit-text <text>]
 ```
 
 Fills form fields by their labels. Auto-detects input types (text, select, checkbox, radio). Use `--submit` to click the submit button after filling.
@@ -211,7 +211,7 @@ Returns: `{ url, filled, snapshot }`
 ### search-select - Search and Pick
 
 ```bash
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> search-select <input-selector> <query> --pick <text>
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> search-select <input-selector> <query> --pick <text>
 ```
 
 Types a search query into an input, waits for suggestions, then clicks the matching option.
@@ -221,7 +221,7 @@ Returns: `{ url, query, picked, snapshot }`
 ### date-pick - Pick Date from Calendar
 
 ```bash
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> date-pick <input-selector> --date <YYYY-MM-DD>
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> date-pick <input-selector> --date <YYYY-MM-DD>
 ```
 
 Opens a date picker, navigates to the target month/year, and clicks the target day.
@@ -231,7 +231,7 @@ Returns: `{ url, date, snapshot }`
 ### file-upload - Upload File
 
 ```bash
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> file-upload <selector> <file-path> [--wait-for <selector>]
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> file-upload <selector> <file-path> [--wait-for <selector>]
 ```
 
 Uploads a file to a file input element. File path must be within `/tmp`, the working directory, or `WEB_CTL_UPLOAD_DIR`. Dotfiles are blocked. Optionally waits for a success indicator.
@@ -241,7 +241,7 @@ Returns: `{ url, uploaded, snapshot }`
 ### hover-reveal - Hover and Click Hidden Element
 
 ```bash
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> hover-reveal <trigger-selector> --click <target-selector>
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> hover-reveal <trigger-selector> --click <target-selector>
 ```
 
 Hovers over a trigger element to reveal hidden content, then clicks the target.
@@ -251,7 +251,7 @@ Returns: `{ url, hovered, clicked, snapshot }`
 ### scroll-to - Scroll Element Into View
 
 ```bash
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> scroll-to <selector> [--container <selector>]
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> scroll-to <selector> [--container <selector>]
 ```
 
 Scrolls an element into view with retry logic for lazy-loaded content (up to 10 attempts).
@@ -261,7 +261,7 @@ Returns: `{ url, scrolledTo, snapshot }`
 ### wait-toast - Wait for Toast/Notification
 
 ```bash
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> wait-toast [--timeout <ms>] [--dismiss]
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> wait-toast [--timeout <ms>] [--dismiss]
 ```
 
 Polls for toast notifications (role=alert, role=status, toast/snackbar classes). Returns the toast text. Use `--dismiss` to click the dismiss button.
@@ -271,7 +271,7 @@ Returns: `{ url, toast, snapshot }`
 ### iframe-action - Act Inside Iframe
 
 ```bash
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> iframe-action <iframe-selector> <action> [args]
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> iframe-action <iframe-selector> <action> [args]
 ```
 
 Performs an action (click, fill, read) inside an iframe. Actions use the same selector syntax as top-level actions.
@@ -281,7 +281,7 @@ Returns: `{ url, iframe, ..., snapshot }`
 ### login - Auto-Detect Login Form
 
 ```bash
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> login --user <username> --pass <password> [--success-selector <selector>]
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> login --user <username> --pass <password> [--success-selector <selector>]
 ```
 
 Auto-detects username and password fields, fills them, finds and clicks the submit button. Use `--success-selector` to wait for a post-login element.
@@ -291,7 +291,7 @@ Returns: `{ url, loggedIn, snapshot }`
 ### next-page - Follow Next Page Link
 
 ```bash
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> next-page
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> next-page
 ```
 
 Auto-detects pagination controls using multiple heuristics (rel="next" links, ARIA roles with "Next" text, CSS class patterns, active page number). Navigates to the next page.
@@ -301,7 +301,7 @@ Returns: `{ url, previousUrl, nextPageDetected, snapshot }`
 ### paginate - Collect Items Across Pages
 
 ```bash
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> paginate --selector <css-selector> [--max-pages N] [--max-items N]
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> paginate --selector <css-selector> [--max-pages N] [--max-items N]
 ```
 
 Extracts text content from elements matching `--selector` across multiple pages. Automatically detects and follows pagination links between pages.
@@ -316,13 +316,13 @@ Returns: `{ url, startUrl, pages, totalItems, items, hasMore, snapshot }`
 **Selector mode** - extract fields from elements matching a CSS selector:
 
 ```bash
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> extract --selector <css-selector> [--fields f1,f2,...] [--max-items N] [--max-field-length N]
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> extract --selector <css-selector> [--fields f1,f2,...] [--max-items N] [--max-field-length N]
 ```
 
 **Auto-detect mode** - automatically find repeated patterns on the page:
 
 ```bash
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> extract --auto [--max-items N] [--max-field-length N]
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> extract --auto [--max-items N] [--max-field-length N]
 ```
 
 Extracts structured data from repeated list items. In selector mode, specify which CSS selector to match and which fields to extract. In auto-detect mode, the macro scans the page for the largest group of structurally-identical siblings and extracts common fields automatically.
@@ -346,13 +346,13 @@ Extracts structured data from repeated list items. In selector mode, specify whi
 
 ```bash
 # Extract titles and URLs from blog post cards
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js run mysession extract --selector ".post-card" --fields "title,url,author,date"
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js run mysession extract --selector ".post-card" --fields "title,url,author,date"
 
 # Auto-detect repeated items on a search results page
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js run mysession extract --auto --max-items 20
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js run mysession extract --auto --max-items 20
 
 # Extract product listings with images
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js run mysession extract --selector ".product-item" --fields "title,url,image,text"
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js run mysession extract --selector ".product-item" --fields "title,url,image,text"
 ```
 
 Returns: `{ url, mode, selector, fields, count, items, snapshot }`
@@ -370,8 +370,8 @@ By default, snapshots are auto-scoped to the main content area of the page. The
 ### --snapshot-depth N - Limit Tree Depth
 
 ```bash
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> snapshot --snapshot-depth 2
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> goto <url> --snapshot-depth 3
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> snapshot --snapshot-depth 2
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> goto <url> --snapshot-depth 3
 ```
 
 Keeps only the top N levels of the ARIA tree. Deeper nodes are replaced with `- ...` truncation markers. Useful for large pages where the full tree exceeds context limits.
@@ -379,8 +379,8 @@ Keeps only the top N levels of the ARIA tree. Deeper nodes are replaced with `-
 ### --snapshot-selector sel - Scope to Subtree
 
 ```bash
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> snapshot --snapshot-selector "css=nav"
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> click "#btn" --snapshot-selector "#main"
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> snapshot --snapshot-selector "css=nav"
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> click "#btn" --snapshot-selector "#main"
 ```
 
 Takes the snapshot from a specific DOM subtree instead of the full body. Accepts the same selector syntax as other actions.
@@ -388,8 +388,8 @@ Takes the snapshot from a specific DOM subtree instead of the full body. Accepts
 ### --snapshot-full - Full Page Snapshot
 
 ```bash
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> goto <url> --snapshot-full
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> snapshot --snapshot-full
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> goto <url> --snapshot-full
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> snapshot --snapshot-full
 ```
 
 Bypasses the default auto-scoping to `<main>` and captures the full page body instead. Use this when you need to see navigation, headers, footers, or other content outside the main content area.
@@ -397,8 +397,8 @@ Bypasses the default auto-scoping to `<main>` and captures the full page body in
 ### --no-snapshot - Omit Snapshot
 
 ```bash
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> click "#submit" --no-snapshot
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> fill "#email" user@test.com --no-snapshot
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> click "#submit" --no-snapshot
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> fill "#email" user@test.com --no-snapshot
 ```
 
 Skips the snapshot entirely. The `snapshot` field is omitted from the JSON response. Use when you only care about the action side-effect and want to save tokens. The explicit `snapshot` action ignores this flag.
@@ -406,8 +406,8 @@ Skips the snapshot entirely. The `snapshot` field is omitted from the JSON respo
 ### --snapshot-max-lines N - Truncate by Line Count
 
 ```bash
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> snapshot --snapshot-max-lines 50
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> goto <url> --snapshot-max-lines 100
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> snapshot --snapshot-max-lines 50
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> goto <url> --snapshot-max-lines 100
 ```
 
 Hard-caps the snapshot output to N lines. A marker like `... (42 more lines)` is appended when lines are omitted. Applied after all other snapshot transforms, so it acts as a final safety net. Max value: 10000.
@@ -415,8 +415,8 @@ Hard-caps the snapshot output to N lines. A marker like `... (42 more lines)` is
 ### --snapshot-compact - Token-Efficient Compact Format
 
 ```bash
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> snapshot --snapshot-compact
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> goto <url> --snapshot-compact
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> snapshot --snapshot-compact
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> goto <url> --snapshot-compact
 ```
 
 Applies four token-saving transforms in sequence:
@@ -431,8 +431,8 @@ Combines well with `--snapshot-collapse` and `--snapshot-text-only` for maximum
 ### --snapshot-collapse - Collapse Repeated Siblings
 
 ```bash
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> snapshot --snapshot-collapse
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> goto <url> --snapshot-collapse
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> snapshot --snapshot-collapse
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> goto <url> --snapshot-collapse
 ```
 
 Detects consecutive siblings of the same ARIA type at each depth level and collapses them. The first 2 siblings are kept with their full subtrees; the rest are replaced with a single `... (K more <type>)` marker. Works recursively on nested structures.
@@ -442,8 +442,8 @@ Ideal for navigation menus, long lists, and data tables where dozens of identica
 ### --snapshot-text-only - Content Only Mode
 
 ```bash
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> snapshot --snapshot-text-only
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> goto <url> --snapshot-text-only --snapshot-max-lines 50
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> snapshot --snapshot-text-only
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> goto <url> --snapshot-text-only --snapshot-max-lines 50
 ```
 
 Strips structural container nodes (list, listitem, group, region, main, form, table, row, grid, generic, etc.) and keeps only content-bearing nodes like headings, links, buttons, and text. Structural nodes that carry a label (e.g., `navigation "Main"`) are preserved. Indentation is re-compressed to close gaps left by removed nodes.
@@ -481,9 +481,9 @@ When `goto` returns a Cloudflare challenge, CAPTCHA, or any bot detection page (
 ```bash
 # 1. goto returns bot detection page
 # 2. Use checkpoint to let user solve it
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> checkpoint
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> checkpoint
 # 3. After user solves, continue normally
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> snapshot
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js run <session> snapshot
 ```
 
 NEVER silently fall back to an alternative method (APIs, WebFetch, etc.) when the user asked to use web-ctl. The user invoked this tool for a reason.
@@ -493,24 +493,24 @@ Example recovery flow:
 ```bash
 # Action failed with element_not_found - snapshot is in the error response
 # Use it to find the correct selector, then retry
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js run mysession click "role=button[name='Sign In']"
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js run mysession click "role=button[name='Sign In']"
 ```
 
 ## Workflow Pattern
 
 ```bash
 # Navigate
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js run session goto "https://example.com"
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js run session goto "https://example.com"
 
 # Understand page
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js run session snapshot
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js run session snapshot
 
 # Interact
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js run session click "role=link[name='Login']"
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js run session fill "#email" user@example.com
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js run session fill "#password" secretpass
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js run session click "role=button[name='Submit']"
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js run session click "role=link[name='Login']"
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js run session fill "#email" user@example.com
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js run session fill "#password" secretpass
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js run session click "role=button[name='Submit']"
 
 # Verify result
-node /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js run session snapshot
+node ~/.agentsys/plugins/web-ctl/scripts/web-ctl.js run session snapshot
 ```

package/CHANGELOG.md

@@ -9,6 +9,29 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+## [5.8.6] - 2026-04-23
+
+### Added
+- **`@agentsys/lib`'s `repoIntel.queries` module** - typed wrappers over every `agent-analyzer repo-intel query <type>` subcommand (28 functions). Consumer plugins can now call `require('@agentsys/lib').repoIntel.queries.hotspots(cwd, { limit: 20 })` instead of constructing raw CLI argv themselves. Functions returned in JSON match the binary's output shape per query.
+- **4 new graph-derived query wrappers** for the analyzer-graph crate landed in agent-analyzer v0.4.0:
+  - `communities(cwd)` - lists Louvain-discovered file clusters (the natural feature areas, independent of directory layout)
+  - `boundaries(cwd, { limit })` - files bridging multiple communities by betweenness centrality (architectural seams - highest-leverage files for refactoring)
+  - `areaOf(cwd, file)` - which community a file belongs to
+  - `communityHealth(cwd, id)` - composite per-community roll-up (size, total/recent changes, bug-fix rate, AI ratio, stale-owner count)
+
+### Changed
+- **`ANALYZER_MIN_VERSION` bumped 0.3.0 -> 0.4.0** to match agent-analyzer v0.4.0 which adds the graph subcommands. Older binaries get auto-upgraded on first call by `lib/binary.ensureBinary()`.
+
+## [5.8.5] - 2026-04-23
+
+### Fixed
+- **Hardcoded developer paths in web-ctl skills** (#333) - replaced 76 occurrences of `/Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js` with `~/.agentsys/...` across `.kiro/skills/web-auth/SKILL.md` (16 sites) and `.kiro/skills/web-browse/SKILL.md` (60 sites). The original absolute path only existed on the maintainer's machine, so every CLI example silently failed for any other user. The portable form matches the install path documented in `meta/skills/maintain-cross-platform/SKILL.md` and works for both shell copy-paste and agent execution (Bash tool's `bash -c` performs tilde expansion).
+- **`prepare` lifecycle hook auto-installed git hooks on every `npm install`** (#334) - moved hook installation from npm's `prepare` script to an explicit `setup-hooks` script so consumers no longer get hooks injected as a side effect of `npm install`. Documented opt-in flow in `CONTRIBUTING.md`. Also removed the no-op pre-commit placeholder (it just wrote a comment file - lib/ sync is handled by agent-core CI now), so only the actually-active pre-push hook (preflight + `/enhance` reminder + release-tag validation) is installed.
+- **`npm version` lifecycle dropped downstream version stamps** (#339, #342) - replaced `git add -A` (which would sweep unrelated working-tree changes into the version commit) with an explicit allowlist covering every file `stamp-version.js` writes plus npm's own lockfile and `CHANGELOG.md`: `package.json`, `package-lock.json`, `.claude-plugin/plugin.json`, `.claude-plugin/marketplace.json`, `site/content.json`, `CHANGELOG.md`. Preserves the original intent (no working-tree sweep) while keeping all version manifests consistent after `npm version`. (CHANGELOG.md added per gemini-code-assist review on #342 - the developer manually edits CHANGELOG before each release, so it must be in the allowlist or `npm version`'s auto-commit drops the changelog entry.)
+
+### Changed
+- **`js-yaml` dependency range tightened from `^4.1.1` to `~4.1.1`** (#335) - blocks unintended `4.x` minor bumps while still allowing `4.1.x` patch updates so runtime security fixes flow in automatically. Lockfile root entry synced to match.
+
 ## [5.8.4] - 2026-04-20
 
 ### Fixed

package/lib/binary/version.js

@@ -1,7 +1,7 @@
 'use strict';
 
 // Minimum binary version required by this version of agent-core
-const ANALYZER_MIN_VERSION = '0.3.0';
+const ANALYZER_MIN_VERSION = '0.4.0';
 
 // Binary name
 const BINARY_NAME = 'agent-analyzer';

package/lib/index.js

@@ -30,6 +30,7 @@ const perf = require('./perf');
 const collectors = require('./collectors');
 const discoveryModule = require('./discovery');
 const binary = require('./binary');
+const repoIntel = require('./repo-intel');
 
 /**
  * Platform detection and verification utilities
@@ -255,6 +256,7 @@ module.exports = {
   collectors,
   discovery,
   binary,
+  repoIntel,
 
   // Direct module access for backward compatibility
   detectPlatform,

package/lib/package.json

@@ -13,6 +13,8 @@
     "./discovery": "./discovery/index.js",
     "./enhance": "./enhance/index.js",
     "./perf": "./perf/index.js",
+    "./repo-intel": "./repo-intel/index.js",
+    "./repo-intel/queries": "./repo-intel/queries.js",
     "./repo-map": "./repo-map/index.js",
     "./collectors/codebase": "./collectors/codebase.js",
     "./collectors/docs-patterns": "./collectors/docs-patterns.js",

package/lib/repo-intel/index.js

@@ -0,0 +1,21 @@
+/**
+ * Repo intel module - typed wrappers over agent-analyzer's repo-intel
+ * subcommands. Consumers can import via:
+ *
+ *   const { repoIntel } = require('@agentsys/lib');
+ *   const hot = repoIntel.queries.hotspots(cwd, { limit: 20 });
+ *   const communities = repoIntel.queries.communities(cwd);
+ *
+ * The Rust binary is downloaded lazily on first call by lib/binary; this
+ * module just constructs the right argv and parses the JSON output.
+ *
+ * @module lib/repo-intel
+ */
+
+'use strict';
+
+const queries = require('./queries');
+
+module.exports = {
+  queries,
+};

package/lib/repo-intel/queries.js

@@ -0,0 +1,451 @@
+/**
+ * Repo intel query functions
+ *
+ * Typed wrappers over `agent-analyzer repo-intel query <type>` subcommands.
+ * Consumer plugins can call these instead of constructing CLI args by hand:
+ *
+ *   const { repoIntel } = require('@agentsys/lib');
+ *   const hot = repoIntel.queries.hotspots(cwd, { limit: 20 });
+ *
+ * Each function resolves the cached `repo-intel.json` via the platform
+ * state-dir helper and shells out to the binary downloaded by lib/binary.
+ *
+ * @module lib/repo-intel/queries
+ */
+
+'use strict';
+
+const fs = require('fs');
+const path = require('path');
+const binary = require('../binary');
+const { getStateDirPath } = require('../platform/state-dir');
+
+const MAP_FILENAME = 'repo-intel.json';
+
+// Conservative bound on a single CLI argument length. Windows cmd-line max
+// is ~32 KB total; modern Linux/macOS typically allow ~128 KB. We throw an
+// actionable error rather than letting `execFileSync` fail with a cryptic
+// E2BIG/ENAMETOOLONG, which would otherwise look like a binary crash to
+// the caller.
+const MAX_FILES_ARG_LEN = 30000;
+
+/**
+ * Absolute path to the cached repo-intel artifact for `basePath`.
+ *
+ * @param {string} basePath
+ * @returns {string}
+ */
+function mapFilePath(basePath) {
+  return path.join(getStateDirPath(basePath), MAP_FILENAME);
+}
+
+/**
+ * Error thrown when the cached repo-intel artifact is missing.
+ * Distinguished by a `.code = 'REPO_INTEL_MISSING'` field so callers can
+ * choose between auto-init, fallback, or surfacing the message.
+ */
+class RepoIntelMissingError extends Error {
+  constructor(mapFile) {
+    super(
+      `repo-intel artifact not found at ${mapFile}. Run ` +
+        '`agent-analyzer repo-intel init <path>` (or `/repo-intel init` ' +
+        'in a CC plugin) first to create it.'
+    );
+    this.name = 'RepoIntelMissingError';
+    this.code = 'REPO_INTEL_MISSING';
+    this.mapFile = mapFile;
+  }
+}
+
+/**
+ * Run a binary query and return the parsed JSON result.
+ *
+ * @param {string} basePath - Repository root
+ * @param {string[]} queryArgs - Arguments after `repo-intel query`
+ * @returns {Object|Array} Parsed query result
+ * @throws {RepoIntelMissingError} If the cached artifact is missing.
+ * @throws {Error} If the binary fails or returns non-JSON output (with
+ *   the failing query and an output preview included in the message).
+ */
+function runQuery(basePath, queryArgs) {
+  const mapFile = mapFilePath(basePath);
+
+  // Surface a clear "run init first" message instead of letting the binary
+  // exit non-zero with a low-level "no such file" error that would bubble
+  // up unannotated through `binary.runAnalyzer`.
+  if (!fs.existsSync(mapFile)) {
+    throw new RepoIntelMissingError(mapFile);
+  }
+
+  const args = ['repo-intel', 'query', ...queryArgs, '--map-file', mapFile, basePath];
+
+  let output;
+  try {
+    output = binary.runAnalyzer(args);
+  } catch (err) {
+    // Wrap so the caller learns which query failed without having to dig
+    // through the CLI argv. The original error stays as `cause`.
+    const wrapped = new Error(
+      `repo-intel query failed (${queryArgs.join(' ')}): ${err.message}`
+    );
+    wrapped.cause = err;
+    throw wrapped;
+  }
+
+  try {
+    return JSON.parse(output);
+  } catch (err) {
+    const preview = output && output.length > 0 ? output.slice(0, 200) : '<empty>';
+    const wrapped = new Error(
+      `repo-intel query returned non-JSON output (${queryArgs.join(' ')}): ${preview}`
+    );
+    wrapped.cause = err;
+    throw wrapped;
+  }
+}
+
+// ─── Activity ───────────────────────────────────────────────────────────────
+
+/**
+ * Return files sorted by recency-weighted change score.
+ *
+ * @param {string} basePath
+ * @param {Object} [options={}]
+ * @param {number} [options.limit] - Maximum number of results
+ */
+function hotspots(basePath, options = {}) {
+  const args = ['hotspots'];
+  if (options.limit) args.push('--top', String(options.limit));
+  return runQuery(basePath, args);
+}
+
+/**
+ * Return least-changed files (no recent activity).
+ */
+function coldspots(basePath, options = {}) {
+  const args = ['coldspots'];
+  if (options.limit) args.push('--top', String(options.limit));
+  return runQuery(basePath, args);
+}
+
+/**
+ * Return change history for a specific file.
+ */
+function fileHistory(basePath, file) {
+  return runQuery(basePath, ['file-history', file]);
+}
+
+// ─── Quality ────────────────────────────────────────────────────────────────
+
+/**
+ * Return files with highest bug-fix density.
+ */
+function bugspots(basePath, options = {}) {
+  const args = ['bugspots'];
+  if (options.limit) args.push('--top', String(options.limit));
+  return runQuery(basePath, args);
+}
+
+/**
+ * Return hot source files with no co-changing test file.
+ */
+function testGaps(basePath, options = {}) {
+  const args = ['test-gaps'];
+  if (options.limit) args.push('--top', String(options.limit));
+  if (options.minChanges) args.push('--min-changes', String(options.minChanges));
+  return runQuery(basePath, args);
+}
+
+/**
+ * Score changed files by composite risk.
+ *
+ * Validates the joined file argument fits within the platform's argv length
+ * cap before shelling out (Windows is the tight constraint at ~32 KB).
+ * Callers with very large diffs should batch.
+ *
+ * @param {string} basePath
+ * @param {string[]} files - List of changed file paths
+ * @throws {TypeError} If `files` is not an array of strings.
+ * @throws {RangeError} If the joined argument exceeds {@link MAX_FILES_ARG_LEN}.
+ */
+function diffRisk(basePath, files) {
+  if (!Array.isArray(files) || !files.every((f) => typeof f === 'string')) {
+    throw new TypeError('diffRisk: `files` must be an array of strings');
+  }
+  const joined = files.join(',');
+  if (joined.length > MAX_FILES_ARG_LEN) {
+    throw new RangeError(
+      `diffRisk: joined file argument is ${joined.length} chars, ` +
+        `exceeds platform-safe limit of ${MAX_FILES_ARG_LEN}. ` +
+        `Split the request into batches (~500 paths each is typically safe).`
+    );
+  }
+  return runQuery(basePath, ['diff-risk', '--files', joined]);
+}
+
+/**
+ * Files ranked by hotspot × (1 + bug_rate) × (1 + complexity/30). Requires
+ * Phase 2 AST data; falls back to git-only when unavailable.
+ */
+function painspots(basePath, options = {}) {
+  const args = ['painspots'];
+  if (options.limit) args.push('--top', String(options.limit));
+  return runQuery(basePath, args);
+}
+
+// ─── People ─────────────────────────────────────────────────────────────────
+
+/**
+ * Return ownership breakdown for a file or directory.
+ */
+function ownership(basePath, file) {
+  return runQuery(basePath, ['ownership', file]);
+}
+
+/**
+ * Return contributors sorted by commit count.
+ */
+function contributors(basePath, options = {}) {
+  const args = ['contributors'];
+  if (options.limit) args.push('--top', String(options.limit));
+  return runQuery(basePath, args);
+}
+
+/**
+ * Detailed bus factor with critical owners and at-risk areas.
+ */
+function busFactor(basePath, options = {}) {
+  const args = ['bus-factor'];
+  if (options.adjustForAi) args.push('--adjust-for-ai');
+  return runQuery(basePath, args);
+}
+
+// ─── Coupling ───────────────────────────────────────────────────────────────
+
+/**
+ * Files that frequently change together with `file`.
+ */
+function coupling(basePath, file) {
+  return runQuery(basePath, ['coupling', file]);
+}
+
+// ─── Standards ──────────────────────────────────────────────────────────────
+
+/**
+ * Project norms (commit conventions, etc.) detected from git history.
+ */
+function norms(basePath) {
+  return runQuery(basePath, ['norms']);
+}
+
+/**
+ * Commit message style + prefixes + scope usage.
+ */
+function conventions(basePath) {
+  return runQuery(basePath, ['conventions']);
+}
+
+// ─── Health ─────────────────────────────────────────────────────────────────
+
+/**
+ * Directory-level health overview.
+ */
+function areas(basePath) {
+  return runQuery(basePath, ['areas']);
+}
+
+/**
+ * Repository-wide health summary.
+ */
+function health(basePath) {
+  return runQuery(basePath, ['health']);
+}
+
+/**
+ * Release cadence and tag history.
+ */
+function releaseInfo(basePath) {
+  return runQuery(basePath, ['release-info']);
+}
+
+// ─── AI detection ───────────────────────────────────────────────────────────
+
+/**
+ * AI vs human contribution ratio.
+ */
+function aiRatio(basePath, options = {}) {
+  const args = ['ai-ratio'];
+  if (options.pathFilter) args.push('--path-filter', options.pathFilter);
+  return runQuery(basePath, args);
+}
+
+/**
+ * Files with recent AI-authored changes.
+ */
+function recentAi(basePath, options = {}) {
+  const args = ['recent-ai'];
+  if (options.limit) args.push('--top', String(options.limit));
+  return runQuery(basePath, args);
+}
+
+// ─── Contributor guidance ───────────────────────────────────────────────────
+
+/**
+ * Newcomer-oriented repo summary (tech stack, key areas, pain points).
+ */
+function onboard(basePath) {
+  return runQuery(basePath, ['onboard']);
+}
+
+/**
+ * Contribution guidance: good-first areas, test gaps, doc drift, bugspots.
+ */
+function canIHelp(basePath) {
+  return runQuery(basePath, ['can-i-help']);
+}
+
+// ─── Documentation ──────────────────────────────────────────────────────────
+
+/**
+ * Doc files with low code coupling (likely stale).
+ */
+function docDrift(basePath, options = {}) {
+  const args = ['doc-drift'];
+  if (options.limit) args.push('--top', String(options.limit));
+  return runQuery(basePath, args);
+}
+
+/**
+ * Doc files with stale references to source symbols. Requires Phase 4
+ * sync-check data.
+ */
+function staleDocs(basePath, options = {}) {
+  const args = ['stale-docs'];
+  if (options.limit) args.push('--top', String(options.limit));
+  return runQuery(basePath, args);
+}
+
+// ─── AST symbols ────────────────────────────────────────────────────────────
+
+/**
+ * AST symbols (exports, imports, definitions) for a specific file. Requires
+ * Phase 2 AST data.
+ */
+function symbols(basePath, file) {
+  return runQuery(basePath, ['symbols', file]);
+}
+
+/**
+ * Files that import a given symbol (reverse dependency lookup). Requires
+ * Phase 2 AST data.
+ */
+function dependents(basePath, symbol, file) {
+  const args = ['dependents', symbol];
+  if (file) args.push('--file', file);
+  return runQuery(basePath, args);
+}
+
+// ─── Phase 5: Graph-derived (analyzer-graph crate) ──────────────────────────
+
+/**
+ * Communities discovered by Louvain modularity over the co-change graph.
+ * Returns clusters of files that consistently change together - the natural
+ * feature areas, independent of directory layout. Requires agent-analyzer
+ * v0.4.0+.
+ *
+ * @param {string} basePath
+ * @returns {Array<{id: number, size: number, files: string[]}>}
+ */
+function communities(basePath) {
+  return runQuery(basePath, ['communities']);
+}
+
+/**
+ * Files bridging multiple communities (high betweenness centrality). These
+ * are the architectural seams - the highest-leverage files for refactoring
+ * decisions. Requires agent-analyzer v0.4.0+.
+ *
+ * @param {string} basePath
+ * @param {Object} [options={}]
+ * @param {number} [options.limit] - Maximum number of results
+ * @returns {Array<{path: string, betweenness: number, community: number|null}>}
+ */
+function boundaries(basePath, options = {}) {
+  const args = ['boundaries'];
+  if (options.limit) args.push('--top', String(options.limit));
+  return runQuery(basePath, args);
+}
+
+/**
+ * Look up which community a given file belongs to. Requires agent-analyzer
+ * v0.4.0+.
+ *
+ * @param {string} basePath
+ * @param {string} file - File path (relative to repo root)
+ * @returns {{file: string, community: number|null, size: number|null}}
+ */
+function areaOf(basePath, file) {
+  return runQuery(basePath, ['area-of', file]);
+}
+
+/**
+ * Composite per-community health: total/recent changes, bug-fix rate,
+ * AI ratio, stale-owner count. Use to identify communities under stress
+ * (high bug rate or stale ownership). Requires agent-analyzer v0.4.0+.
+ *
+ * @param {string} basePath
+ * @param {number} id - Community id (from `communities()`)
+ * @returns {Object|null}
+ */
+function communityHealth(basePath, id) {
+  if (!Number.isInteger(id) || id < 0) {
+    throw new TypeError(
+      `communityHealth: \`id\` must be a non-negative integer, got: ${id} (${typeof id})`
+    );
+  }
+  return runQuery(basePath, ['community-health', String(id)]);
+}
+
+module.exports = {
+  // Errors
+  RepoIntelMissingError,
+  // Activity
+  hotspots,
+  coldspots,
+  fileHistory,
+  // Quality
+  bugspots,
+  testGaps,
+  diffRisk,
+  painspots,
+  // People
+  ownership,
+  contributors,
+  busFactor,
+  // Coupling
+  coupling,
+  // Standards
+  norms,
+  conventions,
+  // Health
+  areas,
+  health,
+  releaseInfo,
+  // AI detection
+  aiRatio,
+  recentAi,
+  // Contributor guidance
+  onboard,
+  canIHelp,
+  // Documentation
+  docDrift,
+  staleDocs,
+  // AST symbols
+  symbols,
+  dependents,
+  // Phase 5: graph-derived
+  communities,
+  boundaries,
+  areaOf,
+  communityHealth,
+};

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "agentsys",
-  "version": "5.8.4",
+  "version": "5.8.6",
   "description": "A modular runtime and orchestration system for AI agents - works with Claude Code, OpenCode, and Codex CLI",
   "main": "lib/platform/detect-platform.js",
   "type": "commonjs",
@@ -37,8 +37,8 @@
     "bump": "node bin/dev-cli.js bump",
     "detect": "node bin/dev-cli.js detect",
     "verify": "node bin/dev-cli.js verify",
-    "version": "node scripts/stamp-version.js && git add -A",
-    "prepare": "node bin/dev-cli.js setup-hooks"
+    "version": "node scripts/stamp-version.js && git add package.json package-lock.json .claude-plugin/plugin.json .claude-plugin/marketplace.json site/content.json CHANGELOG.md",
+    "setup-hooks": "node bin/dev-cli.js setup-hooks"
   },
   "repository": {
     "type": "git",
@@ -82,7 +82,7 @@
   },
   "dependencies": {
     "agentsys": "^5.0.0",
-    "js-yaml": "^4.1.1"
+    "js-yaml": "~4.1.1"
   },
   "devDependencies": {
     "jest": "^29.7.0"

package/scripts/setup-hooks.js

@@ -1,7 +1,6 @@
 #!/usr/bin/env node
 /**
  * Setup git hooks for development
- * - pre-commit: Placeholder (lib/ sync handled by agent-core CI)
  * - pre-push: Runs preflight checks, /enhance reminder, release validation
  */
 
@@ -9,13 +8,8 @@ const fs = require('fs');
 const path = require('path');
 
 const hookDir = path.join(__dirname, '..', '.git', 'hooks');
-const preCommitPath = path.join(hookDir, 'pre-commit');
 const prePushPath = path.join(hookDir, 'pre-push');
 
-const preCommitHook = `#!/bin/sh
-# Pre-commit hook (lib/ sync now handled by agent-core)
-`;
-
 const prePushHook = `#!/bin/sh
 # Pre-push validations:
 # 1. Run preflight checks (validators + gap checks)
@@ -135,14 +129,6 @@ function main() {
     return 0;
   }
 
-  try {
-    fs.writeFileSync(preCommitPath, preCommitHook, { mode: 0o755 });
-    console.log('Git pre-commit hook installed');
-  } catch (err) {
-    // Non-fatal - might not have write permissions
-    console.warn('Could not install pre-commit hook:', err.message);
-  }
-
   try {
     fs.writeFileSync(prePushPath, prePushHook, { mode: 0o755 });
     console.log('Git pre-push hook installed (release tag validation)');

package/site/content.json

@@ -5,7 +5,7 @@
     "url": "https://agent-sh.github.io/agentsys",
     "repo": "https://github.com/agent-sh/agentsys",
     "npm": "https://www.npmjs.com/package/agentsys",
-    "version": "5.8.4",
+    "version": "5.8.6",
     "author": "Avi Fenesh",
     "author_url": "https://github.com/avifenesh"
   },